Hello All. I am receiving the following log entry a couple of times per hour on my ISC BIND 9.14.0 VMs:
named[4132]: managed-keys-zone/“externals”: Unable to fetch DNSKEY set '.': timed out This is occurring only on my authoritative servers and only for the view that I do not have recursion enabled for (the “externals” view; the “internals” view has recursion enabled and it is working). I determined this as follows: ~]$ sudo /var/named/sbin/rndc secroots - secure roots as of 02-Aug-2019 10:24:22.455: Start view “internals” Secure roots: ./RSASHA256/20326 ; managed Negative trust anchors: Start view “externals” Secure roots: ./RSASHA256/20326 ; initializing managed ./RSASHA256/19036 ; initializing managed Negative trust anchors: I have the following statements defined in options: bindkeys-file "keys/bind.keys"; dnssec-enable yes; dnssec-validation auto; dnssec-accept-expired no; dnssec-lookaside no; Is there a way that I can disable the managed-key lookups for the “externals” view while leaving it in place for the “internals” view? I tried moving the bindkeys-file to the internals view only but named wouldn’t start. Thanks! Daniel J. LeBlanc, P.Eng., MBA, DTME | Senior Network Architect | Bell Canada
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
