[nsd-users] zones with TLSA records fail to transfer to opendnssec

Michael A. Peters mpeters at domblogger.net
Sat Apr 25 15:16:50 UTC 2015

On 04/25/2015 08:01 AM, Michael Grimm wrote:
> Hi —
> I am unsure whether that is an issue with nsd or openndssec, thus I will copy my mail to the opendnssec mailing list:
> 	This is with opendnssec 1.4.7 and nsd 4.1.2 in a FBSD10-STABLE jail.
> 	I recently noticed, after trying to modify one of my zones, that some of my zones fail zone transfers (one example):
> *snip*

I don't *think* it is NSD because all of my TLSA records transfer from 
master to slave without a hitch.

I'm not using opendnssec to sign any zones though, I sign with 
ldns-signzone and then transfer the signed zone file to the master via 
scp where shell scripts there find it, validate the zone file, and add 
it NSD.

Within about a minute all the slaves are updated, including TLSA updates.

I'm using nsd 3.2.18 on CentOS 7.

More information about the nsd-users mailing list