RE: DNSSEC Error Log - named[4132]: managed-keys-zone/“externals”: Unable to fetch DNSKEY set '.': timed out
Tony Finch
dot at dotat.at
Tue Aug 6 13:01:32 UTC 2019
LeBlanc, Daniel James <daniel.leblanc at bellaliant.ca> wrote:
>
> Our authoritative servers are not sending notifies anywhere, and we use
> only IPs within the config file (Ansible managed) so I wouldn’t expect
> that any NS records are being resolved.
You need to have `notify no` or `notify explicit` in the authoritative
view, and you might also need to set `dnssec-validation no` in the global
options and move `dnssec-validation auto` into the recursive view.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Mull of Kintyre to Ardnamurchan Point: Variable becoming northwest, 3 or 4.
Slight, occasionally smooth in shelter. Showers, thundery at first. Good
occasionally poor at first.
More information about the bind-users
mailing list