9.7.0-P1 managed-keys.bind issues
Mark Watts
m.watts at eris.qinetiq.com
Wed Apr 14 12:10:35 UTC 2010
I'm trying to setup a new 9.7.0-P1 server in order to (initially) do
DNSSEC validation lookups.
I'm using the Fedora 13 SRPM, recompiled on CentOS 5.4. SELinux is Off
currently.
when I add the following to my options {} section, I get some log
messages I don't understand...
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
Apr 14 12:06:34 dns01 named[4911]: zone managed-keys.bind/IN/_meta: loading from master file dynamic/managed-keys.bind failed: file not found
Apr 14 12:06:34 dns01 named[4911]: dynamic/managed-keys.bind.jnl: create: file not found
Apr 14 12:06:34 dns01 named[4911]: zone managed-keys.bind/IN/_meta: sync_keyzone:dns_journal_open -> unexpected error
Apr 14 12:06:34 dns01 named[4911]: zone managed-keys.bind/IN/_meta: loaded serial 0
Apr 14 12:06:35 dns01 named[4911]: zone managed-keys.bind/IN/_meta: Unable to fetch DNSKEY set 'dlv.isc.org': failure
Apr 14 12:06:35 dns01 named[4911]: dynamic/managed-keys.bind.jnl: create: file not found
Apr 14 12:06:35 dns01 named[4911]: zone managed-keys.bind/IN/_meta: keyfetch_done:dns_journal_open -> unexpected error
I can explain the "Unable to fetch DNSKEY" message; the server currently
has no direct Internet access.
What do the other messages mean, and how can I resolve them?
Mark.
--
Mark Watts BSc RHCE MBCS
Senior Systems Engineer, Managed Services Manpower
www.QinetiQ.com
QinetiQ - Delivering customer-focused solutions
GPG Key: http://www.linux-corner.info/mwatts.gpg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100414/c7ae7026/attachment.bin>
More information about the bind-users
mailing list