mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-01 23:25:38 +00:00
Code Issues Releases Wiki Activity

Remove copy paste error on zone-max-ttl

Browse Source 
The "zone-max-ttl" option inside a "dnssec-policy" is not used to cap
the TTLs in a zone, only yo calculate key rollover timings.
This commit is contained in:
Matthijs Mekking
2021-09-21 15:22:49 +02:00
parent 9ddc23b2bf
commit 4e3ba81696
1 changed files with 1 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
doc/arm/reference.rst
View File

@@ -5138,10 +5138,7 @@ The following options can be specified in a ``dnssec-policy`` statement:
``max-zone-ttl`` ``max-zone-ttl``
Like the ``max-zone-ttl`` zone option, this specifies the maximum Like the ``max-zone-ttl`` zone option, this specifies the maximum
permissible TTL value, in seconds, for the zone. When loading a permissible TTL value, in seconds, for the zone.
zone file using a ``masterfile-format`` of ``text`` or ``raw``, any
record encountered with a TTL higher than ``max-zone-ttl`` is capped
at the maximum permissible TTL value.
This is needed in DNSSEC-maintained zones because when rolling to a This is needed in DNSSEC-maintained zones because when rolling to a
new DNSKEY, the old key needs to remain available until RRSIG new DNSKEY, the old key needs to remain available until RRSIG