named validating @0x...: ... SOA: no valid signature found
Phil Mayers
p.mayers at imperial.ac.uk
Fri Jul 20 15:26:29 UTC 2012
On 20/07/12 16:21, Mark Andrews wrote:
>
> In message <50096C2B.1080806 at interlinx.bc.ca>, "Brian J. Murrell" writes:
>> Just for good measure, since I think I have posted this before, but here
>> are the options I have set in my bind configuration with regard to dnssec=
>> :
>>
>> dnssec-enable yes;
>> dnssec-validation yes;
>> dnssec-lookaside auto;
FWIW, on 9.8 the only other line we have (for reasons of permissions) is:
managed-keys-directory "/var/named/data/dynamic";
I don't see why those 3 lines aren't sufficient for him?
>
> Turn on validation using the root's DNSKEY.
>
> auto-dnssec maintian;
I thought that was for master zones, not recursion/validation? Or am I
missing something?
More information about the bind-users
mailing list