Single nameserver doesn't show signed SOA-RRs
Stefan Foerster
cite at incertum.net
Wed Jun 29 20:57:17 UTC 2011
Hello world,
I'm having a problem with a single authoritative server that seems to
not receive a signed zone.
I used www.zonecheck.fr to check the zones incertum.net and
billigmail.org and it complains that ns3.wars-nicht.de doesn't have a
signed SOA. I already tried increasing the serial for those zones to
retransfer them, but the error seems to persist.
The affected nameserver is a Debian/lenny running 9.6.ESV.R4, the two
other nameservers are Debian/squeeze running 9.7.3.
On the affected nameserver, the only configuration with regards to
DNSSEC was to add "dnssec-enable yes;" to the named configuration file
(and restart it afterwards).
Can anyone enlighten me on what I'm doing wrong here? I'd like to iron
out this before I submit my keys to my registrar.
Cheers
Stefan
More information about the bind-users
mailing list