Hello Team; I've just finished setup for bind9.16.13 from scratch (source). But I got error when I checked with bind function with "dig" command. The error I got was as below.
1. dig result; ; <<>> DiG 9.11.20-RedHat-9.11.20-5.el8_3.1 <<>> ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: *SERVFAIL,* id: 17070 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 2. named.log There are many bad cache hit logs. dnssec: view internal: validating nikkei225jp.com/SOA: bad cache hit (com/DS) I tried to dig out for this issue, I found one thing that disable dnssec-validation option. After changing, the issue had been fixed. However, I'm wondering if I can disable this option for security reason. Or there is another solution?? Thank you for your support! Regards,
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users