Bind and systemd-resolved
Ondřej Surý
ondrej at isc.org
Mon Apr 18 06:14:12 UTC 2022
Leroy,
here `man dig` is your friend:
Unless it is told to query a specific name server, dig will try each of the servers listed in /etc/resolv.conf.
When no command line arguments or options are given, dig will perform an NS query for "." (the root).
It is possible to set per-user defaults for dig via ${HOME}/.digrc. This file is read and any options in it are applied before the command line arguments.
Ondřej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.
> On 18. 4. 2022, at 7:27, Leroy Tennison via bind-users <bind-users at lists.isc.org> wrote:
>
>
> When I attempt “dig -t AXFR office.example.com -k Kexample_dns.+157+18424.key” on the DNS server (Bind 9.11) sudoed to root I get:
>
> ;; Couldn't verify signature: expected a TSIG or SIG(0)
> ; Transfer failed.
>
> This is an Ubuntu 18.04 system and /etc/systemd/resolved.conf has DNS=127.0.0.1 since the DNS server is running on it. Systemd-resolved has been restarted afterward. I've tried using an actual interface address but it doesn't help. It seems dig tries to use 127.0.0.53 due to its being in /etc/resolv.conf and that fails even though dig for forward/reverse lookups works.
>
> If I add @127.0.0.1 to the above it works. Is there a way to get this to work without having to do that and not setting up the entire network configuration using systemd. I realize it's not a big effort to add @127.0.0.1 but the reason for the issue is obscure, the error message is misleading and my distaste for systemd is sufficient enough that I would prefer avoiding it as much as possible. Thanks for any input.
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20220418/a8d68f5c/attachment.htm>
More information about the bind-users
mailing list