[Unbound-users] unbound and it's trust anchors
wouter at NLnetLabs.nl
Fri Sep 19 06:52:04 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hi B, Paul,
> On Thu, 18 Sep 2008, B C wrote:
>> Is there a way to get unbund to re-read it's trust anchors or does this
>> require a restart of unbound? If this doesn't already exist I think it would
>> be a very useful feature to be able to send a signal to unbound and tell it
>> to re-read all it's dnssec keys files.
A reload suffices:
kill -HUP `cat ...unbound.pid`
Paul Wouters wrote:
> That might be more complicated then it sounds? What do you do for records
> that no longer have a trust record which are in cache? Or records that
> might become validated/invalidated due to changes in the trust path?
The cache is cleared. That prevents your concerns.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Unbound-users