Hi people, I have two BIND 9.10.3 servers with DNSSEC validation enabled, one in one client and the other in another client.
Both BIND have the same configuration lines relative to DNSSEC validation: dnssec-validation auto; dnssec-enable yes; and both has the current and future key in bind.keys. But I have a problem: in one of these BIND servers, when I execute certains manual query, for example: dig www.pami.org.ar dig www.anses.gob.ar I get: Host www.pami.org.ar not found: 2(SERVFAIL) Host www.anses.gob.ar not found: 2(SERVFAIL) But if I change the line: dnssec-validation auto; for this: dnssec-validation yes; the DNS queries are succesful. But if I maintain the line "dnssec-validation yes;" then the DNSSEC validation desn't work anymore. Can you explain me reason for this behaviour? I want to have DNSEC validation, but if I put "dnssec-validation auto;" the DNSSEV validation works OK but I have resolution problems with certain domains. Thanks a lot, bye. Tomy
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
