named validating @0x...: ... SOA: no valid signature found

Phil Mayers p.mayers at imperial.ac.uk
Fri Jul 20 13:11:29 UTC 2012


On 20/07/12 14:03, Brian J. Murrell wrote:

> # dig +dnssec @localhost 119.in-addr.arpa SOA
>
> ; <<>> DiG 9.9.1-P1 <<>> +dnssec @localhost 119.in-addr.arpa SOA
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49713
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 7, ADDITIONAL: 14

What do you see if you:

  1. Clear the cache
  2. Start tcpdump
  3. Do this query

Presumably there is a failing DNS query somewhere underlying this.

Or, what happens if you start bind up in debug mode and run the query? 
There will be a lot of output, but I've found most problems to be fairly 
obvious if you read through it.



More information about the bind-users mailing list