DNS Configuration and Management Manual (G06.27+, H06.05+, J06.03+)
DNS Configuration on the NonStop Server
HP DNS Configuration and Management Manualâ529432-003
3-22
Managing Persistence for the named Process
Specifying a Trusted Key
For the name servers requiring secure communication with the above configured name
server, you must add a
trusted-keys statement in their configuration files
(named.conf). The following example shows the
trusted-keys statement for the
named.conf file of the affected name server:
trusted-keys {
myzone.com. 256 3 1 signature;
};
The above statement specifies that the name server trusts the listed public key for
signature verification for the zone,
myzone.com. The signature must be manually
exchanged between the name servers.
Managing Persistence for the named Process
The NonStop Kernel Persistence Manager ($ZZKRN) provides support for making HP
NonStop Open System Services (OSS) processes persistent, starting with the G06.24
RVU. This feature of $ZZKRN can be used in making DNS persistent.
Configuring the named Process as a Persistent Process
Use the Subsystem Control Facility (SCF) to configure the name server (named
process) to $ZZKRN. Perform this procedure in the Guardian environment.
1. Add
named to the system configuration database (this example is for nonsecure
DNS, for secure DNS, the directory for
named is /etc/dns_secure:
For information about the attributes shown in this command example, see the
SCF
Reference Manual for the Kernel Subsystem in NTL.
2. Start the $ZZKRN.#named process:
->add process $zzkrn.#named, name $osh, autorestart 10, &
cpu firstof (1,0), startmode manual, userid super.super, &
program $system.system.osh, assocproc $dns12, &
hometerm $ZHOME, startupmsg &
â-ls -name /G/dns12 -osstty -p /etc/dns923/named -g -fâ
->start process $zzkrn.#named