9 Bře
2024
9 Bře
'24
13:59
Hi Daniel,
Thank you. If you need some testing, let me know.
Martin
Dne pátek 8. března 2024 9:06:36 CET, Daniel Salzman via knot-dns-users napsal(a):
Hi Martin,
The error is definitely caused by a configuration check to prevent users from creating
strange configurations :-D
We will revise the check as your configuration makes sense.
Daniel
On 3/7/24 22:00, Martin Huněk wrote:
Hi,
So I've tested chaining 2 catalog zones one after another and it failed with:
error: config, file '/etc/knot/knot.conf', line 95, section
'zone[crb-m1-signed-catalog.]' ('catalog-role' in a catalog template)
error: failed to load configuration file '/etc/knot/knot.conf' (invalid
parameter)
Here is the relevant part of the config file (not final by any means):
acl:
- id: master_acl
key: koncentrator
action: notify
- id: slave-01_acl
key: dns-sl-01
action: [transfer, notify]
template:
- id: koncentrator-signed
catalog-role: member
catalog-zone: crb-k-signed-catalog.
master: master
acl: master_acl
- id: master-template
master: master
acl: master_acl
zone:
- domain: crb-k-signed-catalog.
catalog-role: generate
acl: slave-01_acl
- domain: crb-m1-signed-catalog.
template: master-template
catalog-role: interpret
# catalog-template: master-signed
catalog-template: koncentrator-signed
master: master
acl: master_acl
Do anyone knows what is the problem?
Sincerely,
Martin
Dne sobota 17. února 2024 13:44:31 CET, Martin Huněk napsal(a):
Hi Libor, hi David,
Thank you for a confirmation. I'll try to configure it and I'll let you know how
it goes.
Martin
Dne pátek 16. února 2024 18:05:12 CET, libor.peltan napsal(a):
-- Hi Martin,
It's possible to configure Knot in the way that it consumes one or more
catalog zones, and generates another catalog zone, in the way that the
members of the consumed one(s) become members of the produced one. This
can be achieved by carefully preparing and assigning configuration
templates to the members of the consumed catalog.
However, I'd be tentative to construct a production environment this way :)
Libor
Dne 18. 10. 23 v 10:14 Martin Huněk napsal(a):
> Hi folks,
>
> Is it possible to chain multiple upstream catalog zones into one downstream one?
>
> I do have the following topology:
>
> Multiple DNS hidden masters <-> DNS signer / DNS master for public facing
slaves <-> public facing slaves
>
> Can I define catalog zones on hidden masters and use them on public-facing
signer/master to compose a catalog zone for the slaves?
>
> Best Regards,
> Martin Hunek
> Freenet Liberec, z.s.
>
>
> --
--