[knot-dns-users] zonefile-load: difference

Volker Janzen voja at voja.de
Sun Jan 20 20:31:52 CET 2019


I want to use Ansible to deploy zone files to my Knot signer (hidden 
master). The zone files should be generated from the Ansible playbook 
data and will not contain any DNSSEC related information, just SOA, NS, 
A, AAAA, TXT and MX records. I'd like to use Knot DNSSEC auto-signing. I 
can stop the Knot process before deploying new zone files. I use 
zonefile-load: difference in this case, as of the DNSKEY / CDNSKEY / CDS 
data should not be replaced with something new. Should this work for me, 
or is there anything I miss or is there even a better option?

Kind regards,

More information about the knot-dns-users mailing list