I'm trying to setup a new 9.7.0-P1 server in order to (initially) do DNSSEC validation lookups. I'm using the Fedora 13 SRPM, recompiled on CentOS 5.4. SELinux is Off currently.
when I add the following to my options {} section, I get some log
messages I don't understand...
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
Apr 14 12:06:34 dns01 named[4911]: zone managed-keys.bind/IN/_meta: loading
from master file dynamic/managed-keys.bind failed: file not found
Apr 14 12:06:34 dns01 named[4911]: dynamic/managed-keys.bind.jnl: create: file
not found
Apr 14 12:06:34 dns01 named[4911]: zone managed-keys.bind/IN/_meta:
sync_keyzone:dns_journal_open -> unexpected error
Apr 14 12:06:34 dns01 named[4911]: zone managed-keys.bind/IN/_meta: loaded
serial 0
Apr 14 12:06:35 dns01 named[4911]: zone managed-keys.bind/IN/_meta: Unable to
fetch DNSKEY set 'dlv.isc.org': failure
Apr 14 12:06:35 dns01 named[4911]: dynamic/managed-keys.bind.jnl: create: file
not found
Apr 14 12:06:35 dns01 named[4911]: zone managed-keys.bind/IN/_meta:
keyfetch_done:dns_journal_open -> unexpected error
I can explain the "Unable to fetch DNSKEY" message; the server currently
has no direct Internet access.
What do the other messages mean, and how can I resolve them?
Mark.
--
Mark Watts BSc RHCE MBCS
Senior Systems Engineer, Managed Services Manpower
www.QinetiQ.com
QinetiQ - Delivering customer-focused solutions
GPG Key: http://www.linux-corner.info/mwatts.gpg
signature.asc
Description: This is a digitally signed message part
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
