Hi
I have two questions about this blog post on
multi-signers:
https://en.blog.nic.cz/2025/05/07/knot-dns-in-a-complex-dnssec-topology/
First, the blog post shows auto-increment SOA serial mode for the zone files in-line with
the docs example:
```
zonefile-sync: -1zonefile-load: difference-no-serial
journal-content: all
```
This would work fine for me in general, I don't mind zone files being the "source
of truth".
But the docs has a note "This mode is not suitable if the zone can be modified
externally (e.g. DDNS, knotc)."
Do I understand correctly that this is because any dynamic changes to the zone get wiped
on reboot ? So, for example, if the only external DDNS modification in my environment
is DNS-01 for cert issuance, it won't cause me a problem, because those are ephemeral
by nature anyway ?
This then raises the second question, how would I deal with catlog zones with this concept
of multi-signers ? Or are catlog zones too much trouble in a multi-signer environment ?
Thank you