Re: managed-keys-zone: Failed to create fetch for DNSKEY update
On 2022 Apr 12, at 18:25, @lbutlr wrote:
>
> My secondary DNS server (bind916-9-16-27) is reporting:
>
> managed-keys-zone: Failed to create fetch for DNSKEY update
Named.conf relevant settings (I think) are:
recursion yes;
allow-query { any; };
allow-recursion { 127.0.0.1; ; };
listen-on { ; 127.0.0.1; };
forwarders { ; };
forward first;
Dig @localhost returns:
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 23697
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
--
If you must choose between two evils, pick the one you've never tried
before.
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
managed-keys-zone: Failed to create fetch for DNSKEY update
My secondary DNS server (bind916-9-16-27) is reporting: managed-keys-zone: Failed to create fetch for DNSKEY update At this point it only respond SERVFAIL to all queries. The secondary DNS is a spare machine that is not used for anything else but DNS, so no one has touched it other than to update packages on it on well over 18 months. Ideas? (Search pointed me to one bug report for 9.17..mumble that got no answer other than 'create a report on git') -- "I don't think the kind of friends I'd have would care." -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
