Hello James,
The purpose of zone freeze is to block automatic zone events on the background, e.g DDNS, zone signing, incoming XFR.
When these events are blocked, you can safely manipulate to zone contents. Manual zone flush has to work as you usually
want to flush the current zone contents to the zone file before you start modifying it.
Regards,
Daniel
On 2/8/21 8:17 AM, James Garnett wrote:
> Hello all, I am attempting to test freezing a zone, and something appears not to be working (that something could be my understanding of how it is supposed to work).
>
> Using a very simple example.com zone (the default that ships with v3.0.4), I am able to query for "mail.example.com" and get the correct response back. I then query for "test.example.com" and get an NXDOMAIN, as expected. Then I do the following:
>
> $ sudo knotc zone-freeze example.com
> OK
> $
>
> Doing a zone-status, I see:
>
> $ sudo knotc zone-status example.com
> [example.com.] role: master | serial: 2010111219 | transaction: none | freeze: yes | expiration: not scheduled | notify: not scheduled
>
> $ sudo knotc zone-begin example.com
> OK
> $ sudo knotc zone-set example.com test 3600 A 150.150.150.150
> OK
> $ sudo knotc zone-commit example.com
> OK
> $ sudo knotc zone-flush example.com
> OK
> $
>
> After the zone-flush, I am able to query for "test.example.com" and I get back the A-record with address 150.150.150.150. I would have thought that with the zone frozen, the zone-flush would not go through and the A-record for "test" would not be added.
>
> Am I missing something obvious, or does zone-freeze just not work in version 3.0.4?
>
> Thanks in advance,
> ~J
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>