[Unbound-users] unbound and it's trust anchors
W.C.A. Wijngaards
wouter at NLnetLabs.nl
Fri Sep 19 06:52:04 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi B, Paul,
> On Thu, 18 Sep 2008, B C wrote:
>> Is there a way to get unbund to re-read it's trust anchors or does this
>> require a restart of unbound? If this doesn't already exist I think it would
>> be a very useful feature to be able to send a signal to unbound and tell it
>> to re-read all it's dnssec keys files.
A reload suffices:
kill -HUP `cat ...unbound.pid`
or
unbound-control reload
Paul Wouters wrote:
> That might be more complicated then it sounds? What do you do for records
> that no longer have a trust record which are in cache? Or records that
> might become validated/invalidated due to changes in the trust path?
The cache is cleared. That prevents your concerns.
Best regards,
Wouter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkjTTBMACgkQkDLqNwOhpPiVWgCeNxxn7w8heCdWiBecwGD52LZU
caEAnRSWVcQE0Ndn6cTe1WIKoO5TiP7u
=mWpG
-----END PGP SIGNATURE-----
More information about the Unbound-users
mailing list