DNSSEC signing timing
Today our DNS64 server stopped validating pagan.rfc1925.org, this is the current contents of cached data
; <<>> DiG 9.9.5-4-Debian <<>> +dnssec +cdflag pagan.rfc1925.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17309
;; flags: qr rd ra cd; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 8
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;pagan.rfc1925.org. IN A
;; ANSWER SECTION:
pagan.rfc1925.org. 1625 IN A 89.187.130.14
pagan.rfc1925.org. 3591 IN RRSIG A 8 3 3600 20140715101451 20140715071451 36639 rfc1925.org. Hc7S7/mwJS1UFuLuIC7DAr4NIQUo8tyIWuOlV4CYx5BsASi+oVxbqaaD z0h6m/2wkjZ2MsCRrfHklvTSJYlRSYK1lWXQwtH4QcE71ImXAw48Me2/ FlT7sopRoWTQVcAY64CpixUzN5JnTbvKfhgKQeovv1PgWrLR08D2iDbo XTk=
;; AUTHORITY SECTION:
rfc1925.org. 2088 IN NS trubka.network.cz.
rfc1925.org. 2088 IN NS pagan.rfc1925.org.
rfc1925.org. 2088 IN RRSIG NS 8 2 3600 20140715101451 20140715071451 36639 rfc1925.org. ap0afkZ5yq0WyFD/Zfe1/tu2jmhkcTlrV1grjyvuYYcCaIK+QHN52Y+H BFvdbm1jETd1MFVcBy2USt9X8G9Nvzbi5e39kbK0hC/oGb9goAi8BWU3 TaJIOFVBaN1iqmjQy9fiiDjUdaeEVGBjuXTwFJQl7UXmHPXADntAeepn T2k=
;; ADDITIONAL SECTION:
pagan.rfc1925.org. 1625 IN AAAA 2a01:5f0:1006::57ec:c685
trubka.network.cz. 6938 IN A 81.91.84.116
trubka.network.cz. 6938 IN AAAA 2001:1568:b:145::1
trubka.network.cz. 6938 IN AAAA 2001:1568:b::145
pagan.rfc1925.org. 2900 IN RRSIG AAAA 8 3 3600 20140715162445 20140715132445 36639 rfc1925.org. BBB7rLYOc3IN3Riduw7MGgrke83a7ZjEFbNMZl+miypVDXbnMbksG/bI 3J84sTLlv76F39/y5HkrW7+B0td7oeZgP2+kF0pt+ia+yvnIzSDnZWyE 15uarWE/KJOQjGP4Jd2lcvAQWFOd0xthvuCHOiGXaB/EXVb80bbrEai/ zWw=
trubka.network.cz. 6938 IN RRSIG A 5 3 8400 20140816092301 20140625092301 45630 network.cz. eHTvM341MyceYwpbm+MRYygwL+rTybVIKwXZL+ezKZ0TzI4Y3XUfsT88 LCrAt8z9ns7QTvh8zCuEVfB/YsjFlpfXE6AUjltZRzcPuFhunDzvHi7j z8KS0Cw5qn3+aQeSA6cBe5Ll7l1EB6zy8QthkyPU7dtPBhQwAvxJtBeF F2Y=
trubka.network.cz. 6938 IN RRSIG AAAA 5 3 8400 20140816092301 20140625092301 45630 network.cz. p1xq2Ir3/b4ciYfDpYLIqr3eUbruleYC9AsicEyNcfqa9oex2jWTvcYy COp4cq64vebc4V2o0RzYRMqhL+6M40/SrRTzazrgHzE85qisXsAiJdP2 EKtr72XDJUoP9eNEG1bPKFGgJLWN3uTxmGiKWesm+Uj3GJuVXOqMbMCi p/Y=
;; Query time: 1 msec
;; SERVER: 2001:1488:fffe:20::34#53(2001:1488:fffe:20::34)
;; WHEN: Tue Jul 15 15:37:59 CEST 2014
;; MSG SIZE rcvd: 1060; <<>> DiG 9.9.5-4-Debian <<>> +dnssec +cdflag IN AAAA pagan.rfc1925.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4567
;; flags: qr rd ra cd; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 8
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;pagan.rfc1925.org. IN AAAA
;; ANSWER SECTION:
pagan.rfc1925.org. 1381 IN AAAA 2a01:5f0:1006::57ec:c685
pagan.rfc1925.org. 2656 IN RRSIG AAAA 8 3 3600 20140715162445 20140715132445 36639 rfc1925.org. BBB7rLYOc3IN3Riduw7MGgrke83a7ZjEFbNMZl+miypVDXbnMbksG/bI 3J84sTLlv76F39/y5HkrW7+B0td7oeZgP2+kF0pt+ia+yvnIzSDnZWyE 15uarWE/KJOQjGP4Jd2lcvAQWFOd0xthvuCHOiGXaB/EXVb80bbrEai/ zWw=
;; AUTHORITY SECTION:
rfc1925.org. 1844 IN NS trubka.network.cz.
rfc1925.org. 1844 IN NS pagan.rfc1925.org.
rfc1925.org. 1844 IN RRSIG NS 8 2 3600 20140715101451 20140715071451 36639 rfc1925.org. ap0afkZ5yq0WyFD/Zfe1/tu2jmhkcTlrV1grjyvuYYcCaIK+QHN52Y+H BFvdbm1jETd1MFVcBy2USt9X8G9Nvzbi5e39kbK0hC/oGb9goAi8BWU3 TaJIOFVBaN1iqmjQy9fiiDjUdaeEVGBjuXTwFJQl7UXmHPXADntAeepn T2k=
;; ADDITIONAL SECTION:
pagan.rfc1925.org. 1381 IN A 89.187.130.14
trubka.network.cz. 6694 IN A 81.91.84.116
trubka.network.cz. 6694 IN AAAA 2001:1568:b::145
trubka.network.cz. 6694 IN AAAA 2001:1568:b:145::1
pagan.rfc1925.org. 1381 IN RRSIG A 8 3 3600 20140715101451 20140715071451 36639 rfc1925.org. Hc7S7/mwJS1UFuLuIC7DAr4NIQUo8tyIWuOlV4CYx5BsASi+oVxbqaaD z0h6m/2wkjZ2MsCRrfHklvTSJYlRSYK1lWXQwtH4QcE71ImXAw48Me2/ FlT7sopRoWTQVcAY64CpixUzN5JnTbvKfhgKQeovv1PgWrLR08D2iDbo XTk=
trubka.network.cz. 6694 IN RRSIG A 5 3 8400 20140816092301 20140625092301 45630 network.cz. eHTvM341MyceYwpbm+MRYygwL+rTybVIKwXZL+ezKZ0TzI4Y3XUfsT88 LCrAt8z9ns7QTvh8zCuEVfB/YsjFlpfXE6AUjltZRzcPuFhunDzvHi7j z8KS0Cw5qn3+aQeSA6cBe5Ll7l1EB6zy8QthkyPU7dtPBhQwAvxJtBeF F2Y=
trubka.network.cz. 6694 IN RRSIG AAAA 5 3 8400 20140816092301 20140625092301 45630 network.cz. p1xq2Ir3/b4ciYfDpYLIqr3eUbruleYC9AsicEyNcfqa9oex2jWTvcYy COp4cq64vebc4V2o0RzYRMqhL+6M40/SrRTzazrgHzE85qisXsAiJdP2 EKtr72XDJUoP9eNEG1bPKFGgJLWN3uTxmGiKWesm+Uj3GJuVXOqMbMCi p/Y=
;; Query time: 2 msec
;; SERVER: 2001:1488:fffe:20::34#53(2001:1488:fffe:20::34)
;; WHEN: Tue Jul 15 15:42:03 CEST 2014
;; MSG SIZE rcvd: 1060ondrej@kage:~$ dig +dnssec +cdflag IN NS rfc1925.org
; <<>> DiG 9.9.5-4-Debian <<>> +dnssec +cdflag IN NS rfc1925.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42805
;; flags: qr rd ra cd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 10
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;rfc1925.org. IN NS
;; ANSWER SECTION:
rfc1925.org. 1826 IN NS pagan.rfc1925.org.
rfc1925.org. 1826 IN NS trubka.network.cz.
rfc1925.org. 3600 IN RRSIG NS 8 2 3600 20140715101451 20140715071451 36639 rfc1925.org. ap0afkZ5yq0WyFD/Zfe1/tu2jmhkcTlrV1grjyvuYYcCaIK+QHN52Y+H BFvdbm1jETd1MFVcBy2USt9X8G9Nvzbi5e39kbK0hC/oGb9goAi8BWU3 TaJIOFVBaN1iqmjQy9fiiDjUdaeEVGBjuXTwFJQl7UXmHPXADntAeepn T2k=
;; ADDITIONAL SECTION:
pagan.rfc1925.org. 1363 IN A 89.187.130.14
pagan.rfc1925.org. 1363 IN AAAA 2a01:5f0:1006::57ec:c685
trubka.network.cz. 6676 IN A 81.91.84.116
trubka.network.cz. 6676 IN AAAA 2001:1568:b:145::1
trubka.network.cz. 6676 IN AAAA 2001:1568:b::145
pagan.rfc1925.org. 1363 IN RRSIG A 8 3 3600 20140715101451 20140715071451 36639 rfc1925.org. Hc7S7/mwJS1UFuLuIC7DAr4NIQUo8tyIWuOlV4CYx5BsASi+oVxbqaaD z0h6m/2wkjZ2MsCRrfHklvTSJYlRSYK1lWXQwtH4QcE71ImXAw48Me2/ FlT7sopRoWTQVcAY64CpixUzN5JnTbvKfhgKQeovv1PgWrLR08D2iDbo XTk=
pagan.rfc1925.org. 2638 IN RRSIG AAAA 8 3 3600 20140715162445 20140715132445 36639 rfc1925.org. BBB7rLYOc3IN3Riduw7MGgrke83a7ZjEFbNMZl+miypVDXbnMbksG/bI 3J84sTLlv76F39/y5HkrW7+B0td7oeZgP2+kF0pt+ia+yvnIzSDnZWyE 15uarWE/KJOQjGP4Jd2lcvAQWFOd0xthvuCHOiGXaB/EXVb80bbrEai/ zWw=
trubka.network.cz. 6676 IN RRSIG A 5 3 8400 20140816092301 20140625092301 45630 network.cz. eHTvM341MyceYwpbm+MRYygwL+rTybVIKwXZL+ezKZ0TzI4Y3XUfsT88 LCrAt8z9ns7QTvh8zCuEVfB/YsjFlpfXE6AUjltZRzcPuFhunDzvHi7j z8KS0Cw5qn3+aQeSA6cBe5Ll7l1EB6zy8QthkyPU7dtPBhQwAvxJtBeF F2Y=
trubka.network.cz. 6676 IN RRSIG AAAA 5 3 8400 20140816092301 20140625092301 45630 network.cz. p1xq2Ir3/b4ciYfDpYLIqr3eUbruleYC9AsicEyNcfqa9oex2jWTvcYy COp4cq64vebc4V2o0RzYRMqhL+6M40/SrRTzazrgHzE85qisXsAiJdP2 EKtr72XDJUoP9eNEG1bPKFGgJLWN3uTxmGiKWesm+Uj3GJuVXOqMbMCi p/Y=
;; Query time: 5 msec
;; SERVER: 2001:1488:fffe:20::34#53(2001:1488:fffe:20::34)
;; WHEN: Tue Jul 15 15:42:21 CEST 2014
;; MSG SIZE rcvd: 1060ondrej@kage:~$ dig +dnssec +cdflag IN DNSKEY rfc1925.org
; <<>> DiG 9.9.5-4-Debian <<>> +dnssec +cdflag IN DNSKEY rfc1925.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10068
;; flags: qr rd ra cd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;rfc1925.org. IN DNSKEY
;; ANSWER SECTION:
rfc1925.org. 3600 IN DNSKEY 256 3 8 AwEAAcs9GPfL1d+JbBA0ZhO7fHHwpw1qBdzB+VYMtP3XSWjL1F6pHpfF e1GiMJolJ/CbP7uvTLnobVm8bL2rPuUIbZPNV7CP+in8ECK0upaS8zOZ 9SBOslOji95SKU4VY4Y6IQic0XpUUN3H52l3Ix9k+3cbuuMNN12QHy7g QfL6yUDh
rfc1925.org. 3600 IN DNSKEY 257 3 8 AwEAAdJVXrV6fepy5I5GXh2t7rvJGHjUtP3YQXG1kMq8XzLytxfou46j RY3Ns1F7GVRNdVR7WBjpJ76zyfnywGYfGvEB0fvcQNRDvCVXULsAiMpf rISpANbqfQV38zHxLO9G9s5DPcXvdiFAQWTaQalEb3ebeWQVUwrISI9/ F4T9mbvj
rfc1925.org. 3600 IN RRSIG DNSKEY 8 2 3600 20140715101451 20140715071451 30865 rfc1925.org. m8cXjn4rWub0C5xqd0A6DoBOQW4KIqGdFnXA6ErL5/48bhO6Fal6hiJw v29fTH+mp7Gw3p1ZsWBgYlTXTtO3fvgeBIOufcjYoBn/Y9pCKk+x4B2f GpK1QPbH1mWAi+U7nKyUXsTKSVBTEbDHgobAQ0CzjnHXQzQ6rCO9JtTW o+U=
rfc1925.org. 3600 IN RRSIG DNSKEY 8 2 3600 20140715101451 20140715071451 36639 rfc1925.org. PCPkV8QKQDIKzQGsIDZrdtpd1GgPLbiHlxSPM78/b5fjo8z0wZYm9zSk L0kOO/XD+nkTH605UnjnrBG3uGyitfaBGqcjvIJ8WO43zryugnOkKdZX iW6Jjg8tpPoui8q9elx5yw2AilU1AlrCpj7GeF592GFE8hMvlA0m8Avr PZk=
;; Query time: 4 msec
;; SERVER: 2001:1488:fffe:20::34#53(2001:1488:fffe:20::34)
;; WHEN: Tue Jul 15 15:42:33 CEST 2014
;; MSG SIZE rcvd: 678The error message on the resolver is: "lame-servers.log:15-Jul-2014 15:42:00.628 lame-servers: info: error (broken trust chain) resolving 'pagan.rfc1925.org/A/IN': 2a01:5f0:1006::57ec:c685#53"
It works on different resolver, so it looks like it might be some resigning timing issue.
Also dnsviz complains that RRSIG will expire in non-validating caches (now + TTL > expiration).
My configuration says: "signature-lifetime 10800;", so it needs at least some WARNING if "now + TTL" is always bigger than expiration.
Activity
And logs:
Jul 15 06:15:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@37069': Started (serial 1405389051). Jul 15 06:15:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@37069': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 06:30:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@39595': Started (serial 1405389051). Jul 15 06:30:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@39595': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 06:32:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - Signing zone... Jul 15 06:32:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 30865, file Krfc1925.org.+008+30865.private, KSK, active, public Jul 15 06:32:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 36639, file Krfc1925.org.+008+36639.private, ZSK, active, public Jul 15 06:32:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - Successfully signed. Jul 15 06:32:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org.: Next signing planned on 2014-07-15T07:14:51. Jul 15 06:32:52 pagan.rfc1925.org knot[31953]: Applied differences of 'rfc1925.org.' to zonefile. Jul 15 06:45:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@36294': Started (serial 1405398771). Jul 15 06:45:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@36294': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 07:00:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@39331': Started (serial 1405398771). Jul 15 07:00:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@39331': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 07:15:01 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@33693': Started (serial 1405398771). Jul 15 07:15:01 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@33693': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 07:30:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@32941': Started (serial 1405398771). Jul 15 07:30:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@32941': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 07:45:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@50984': Started (serial 1405398771). Jul 15 07:45:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@50984': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 08:00:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@38590': Started (serial 1405398771). Jul 15 08:00:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@38590': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 08:15:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@56185': Started (serial 1405398771). Jul 15 08:15:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@56185': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 08:30:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@55324': Started (serial 1405398771). Jul 15 08:30:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@55324': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 08:45:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@50216': Started (serial 1405398771). Jul 15 08:45:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@50216': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 09:00:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@35024': Started (serial 1405398771). Jul 15 09:00:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@35024': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 09:14:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - Signing zone... Jul 15 09:14:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 30865, file Krfc1925.org.+008+30865.private, KSK, active, public Jul 15 09:14:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 36639, file Krfc1925.org.+008+36639.private, ZSK, active, public Jul 15 09:14:52 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - Successfully signed. Jul 15 09:14:52 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org.: Next signing planned on 2014-07-15T09:56:51. Jul 15 09:14:52 pagan.rfc1925.org knot[31953]: Applied differences of 'rfc1925.org.' to zonefile. Jul 15 09:15:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@51939': Started (serial 1405408491). Jul 15 09:15:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@51939': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 09:30:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@48444': Started (serial 1405408491). Jul 15 09:30:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@48444': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 09:45:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@36629': Started (serial 1405408491). Jul 15 09:45:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@36629': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 10:00:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@50164': Started (serial 1405408491). Jul 15 10:00:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@50164': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 10:15:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@54424': Started (serial 1405408491). Jul 15 10:15:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@54424': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 10:30:01 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@35283': Started (serial 1405408491). Jul 15 10:30:01 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@35283': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 10:45:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@37973': Started (serial 1405408491). Jul 15 10:45:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@37973': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 11:00:01 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@57946': Started (serial 1405408491). Jul 15 11:00:01 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@57946': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 11:15:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@57522': Started (serial 1405408491). Jul 15 11:15:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@57522': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 11:30:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@54260': Started (serial 1405408491). Jul 15 11:30:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@54260': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 11:45:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@36784': Started (serial 1405408491). Jul 15 11:45:02 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@36784': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 11:51:29 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@38956': Started (serial 1405408491). Jul 15 11:51:29 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@38956': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 11:52:12 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@48358': Started (serial 1405408491). Jul 15 11:52:12 pagan.rfc1925.org knot[31953]: Outgoing AXFR of 'rfc1925.org.' to '81.91.84.116@48358': Finished in 0.00s (1 messages, ~19.9kB). Jul 15 11:56:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - Signing zone... Jul 15 11:56:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 30865, file Krfc1925.org.+008+30865.private, KSK, active, public Jul 15 11:56:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 36639, file Krfc1925.org.+008+36639.private, ZSK, active, public Jul 15 11:56:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - Successfully signed. Jul 15 11:56:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org.: Next signing planned on 2014-07-15T12:38:51. Jul 15 11:56:51 pagan.rfc1925.org knot[31953]: Applied differences of 'rfc1925.org.' to zonefile. Jul 15 14:38:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - Signing zone... Jul 15 14:38:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 30865, file Krfc1925.org.+008+30865.private, KSK, active, public Jul 15 14:38:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 36639, file Krfc1925.org.+008+36639.private, ZSK, active, public Jul 15 14:38:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - Successfully signed. Jul 15 14:38:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org.: Next signing planned on 2014-07-15T15:20:51. Jul 15 14:38:52 pagan.rfc1925.org knot[31953]: Applied differences of 'rfc1925.org.' to zonefile. Jul 15 15:24:45 pagan.rfc1925.org knot[31953]: Zone 'rfc1925.org.' is up-to-date (serial 1405427931) Jul 15 15:24:45 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - Signing started... Jul 15 15:24:45 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 30865, file Krfc1925.org.+008+30865.private, KSK, active, public Jul 15 15:24:45 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 36639, file Krfc1925.org.+008+36639.private, ZSK, active, public Jul 15 15:24:45 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - Successfully signed. Jul 15 15:24:46 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org.: Next signing planned on 2014-07-15T16:06:45. Jul 15 15:24:46 pagan.rfc1925.org knot[31953]: NOTIFY of 'rfc1925.org.' to '81.91.84.116@53': Query issued (serial 1405430685). Jul 15 15:24:47 pagan.rfc1925.org knot[31953]: Applied differences of 'rfc1925.org.' to zonefile. Jul 15 15:24:51 pagan.rfc1925.org knot[31953]: Zone 'rfc1925.org.' is up-to-date (serial 1405430685) Jul 15 15:24:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - Signing started... Jul 15 15:24:51 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 30865, file Krfc1925.org.+008+30865.private, KSK, active, public Jul 15 15:24:52 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 36639, file Krfc1925.org.+008+36639.private, ZSK, active, public Jul 15 15:25:05 pagan.rfc1925.org knot[31953]: Zone 'rfc1925.org.' is up-to-date (serial 1405430685) Jul 15 15:25:05 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - Signing started... Jul 15 15:25:05 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 30865, file Krfc1925.org.+008+30865.private, KSK, active, public Jul 15 15:25:05 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 36639, file Krfc1925.org.+008+36639.private, ZSK, active, public Jul 15 15:25:05 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - No signing performed, zone is valid. Jul 15 15:25:06 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org.: Next signing planned on 2014-07-15T16:06:45. Jul 15 15:25:06 pagan.rfc1925.org knot[31953]: NOTIFY of 'rfc1925.org.' to '81.91.84.116@53': Query issued (serial 1405430685). Jul 15 15:25:07 pagan.rfc1925.org knot[31953]: Applied differences of 'rfc1925.org.' to zonefile. Jul 15 15:31:42 pagan.rfc1925.org knot[31953]: Zone 'rfc1925.org.' is up-to-date (serial 1405430685) Jul 15 15:31:42 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - Signing started... Jul 15 15:31:42 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 30865, file Krfc1925.org.+008+30865.private, KSK, active, public Jul 15 15:31:42 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 36639, file Krfc1925.org.+008+36639.private, ZSK, active, public Jul 15 15:31:42 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - No signing performed, zone is valid. Jul 15 15:31:43 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org.: Next signing planned on 2014-07-15T16:06:45. Jul 15 15:31:43 pagan.rfc1925.org knot[31953]: NOTIFY of 'rfc1925.org.' to '81.91.84.116@53': Query issued (serial 1405430685). Jul 15 15:31:44 pagan.rfc1925.org knot[31953]: Applied differences of 'rfc1925.org.' to zonefile. Jul 15 15:45:20 pagan.rfc1925.org knot[31953]: Zone 'rfc1925.org.' is up-to-date (serial 1405430685) Jul 15 15:45:20 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - Signing started... Jul 15 15:45:20 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 30865, file Krfc1925.org.+008+30865.private, KSK, active, public Jul 15 15:45:20 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - - Key is valid, tag 36639, file Krfc1925.org.+008+36639.private, ZSK, active, public Jul 15 15:45:20 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org. - Successfully signed. Jul 15 15:45:21 pagan.rfc1925.org knot[31953]: DNSSEC: Zone rfc1925.org.: Next signing planned on 2014-08-11T13:45:20. Jul 15 15:45:21 pagan.rfc1925.org knot[31953]: NOTIFY of 'rfc1925.org.' to '81.91.84.116@53': Query issued (serial 1405431920). Jul 15 15:45:22 pagan.rfc1925.org knot[31953]: Applied differences of 'rfc1925.org.' to zonefile.
Please register or sign in to reply