Since I can’t see a way to get zeroshell to behave itself with regards this TXT record, I am considering retiring zeroshell for the master DNS. Then if the slaves which are also zeroshell then continue to corrupt the record when replicating from an alternative master I’ll have to completely retire zeroshell from my infrastructure altogether.
I’ve not used these types of cryptographic TXT record keys before hence problem not spotted until I went to use one.
Does anyone have some workaround suggestions? Is replacing my master DNS with something that behaves sanely and retaining zeroshell slaves even viable?