The fix is either to remove "dnssec-lookaside auto;" from the config or
else set "dnssec-lookaside no;" and then reload named.
Drew Weaver wrote on 25/03/2020 17:18:
Did anyone else on CentOS 6 just have some DNS resolvers totally fall over?
I noticed that this command: dnssec-lookaside auto; was causing the
issue. The issue occurred right at about 1PM EST.
I see this note in the ISC key file..
# ISC DLV: See https://www.isc.org/solutions/dlv for details.
# NOTE: The ISC DLV zone is being phased out as of February 2017;
# the key will remain in place but the zone will be otherwise
# Configuring "dnssec-lookaside auto;" to activate this key is
# harmless, but is no longer useful and is not recommended.
It’s not harmless anymore.