The problem recurred. This time I decided to add the .org key to my
trusted-keys and see what would happen. I added the key, reloaded the
configuration (rndc reconfig), and queries are resolving properly again.
--
John Marshall
pgppUbJIgQaVZ.pgp
Description: PGP signature
Yesterday one of our BIND 9.6.1-P1 servers started logging lots of
messages like the following - for a number of different domains - and
failing to resolve the corresponding names.
named[204]: no valid RRSIG resolving 'cvsup.au.freebsd.org/A/IN':
123.136.33.242#53
Please note that in the above
On 8/16/09, John Marshall john.marsh...@riverwillow.com.au wrote:
I'm new at DNSSEC. This server is the first one we have configured.
I have the following in the global configuration options:
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside . trust-anchor
On Mon, 17 Aug 2009, John Marshall wrote:
named[204]: no valid RRSIG resolving 'cvsup.au.freebsd.org/A/IN':
123.136.33.242#53
What should I do to troubleshoot this if it happens again?
First of all, try and dump the cache, using rndc dumpdb -all. This
gets a snapshot of the current state
On Sun, 16 Aug 2009, 23:39 -0400, Paul Wouters wrote:
On Mon, 17 Aug 2009, John Marshall wrote:
named[204]: no valid RRSIG resolving 'cvsup.au.freebsd.org/A/IN':
123.136.33.242#53
What should I do to troubleshoot this if it happens again?
First of all, try and dump the cache, using
5 matches
Mail list logo
