-
Matthijs Mekking authored
There is a failure mode which gets triggered on heavily loaded systems. A key change is scheduled in 5 seconds to make ZSK2 inactive and ZSK3 active, but `named` takes more than 5 seconds to progress from `rndc loadkeys` to the query check. At this time the SOA RRset is already signed by the new ZSK which is not expected to be active at that point yet. Rather than doing this in 5 seconds, switch the active signing key immediately.
1bf3062a