Re: named is not finding the keys for DNSSEC

2016-08-03 Thread Andreas Meyer
Hello! That makes no difference. dns_dnssec_keylistfromrdataset: error reading private key file bitcorner.de/RSASHA1/16938: file not found I think it must have something to do with the name itself, could it be? The key is named Kbitcorner.de.+005+16938.private but named is looking for a key

RE: NXDOMAIN but still get it...

2016-08-03 Thread Darcy Kevin (FCA)
nslookup sucks. What’s most likely happening is: · On your initial query, some sort of transient error is occurring while trying to resolve centos.mirror.iweb.ca, e.g. a timeout, a misconfigured server returning SERVFAIL, a delegated server not being authoritative, etc. ·

NXDOMAIN but still get it...

2016-08-03 Thread Bernard Fay
[ ~]# *nslookup centos.mirror.iweb.ca * Server:172.21.241.18 Address:172.21.241.18#53 ** server can't find centos.mirror.iweb.ca: NXDOMAIN But ... [ ~]$ *nslookup iweb.ca * Server:172.21.241.18 Address:172.21.241.18#53

Re: named is not finding the keys for DNSSEC

2016-08-03 Thread Volker Janzen
Hi, you need to 'chown named' the keyfiles. The bind process is unable to read the files belonging to root. Regards Volker > Am 03.08.2016 um 18:33 schrieb Andreas Meyer : > > Hello! > > Just subscribed to the list. I wanted to implement DNSSEC > with bind but have

named is not finding the keys for DNSSEC

2016-08-03 Thread Andreas Meyer
Hello! Just subscribed to the list. I wanted to implement DNSSEC with bind but have not luck with this one. When named starts it says it can't read the private keys. dns_dnssec_keylistfromrdataset: error reading private key file bitcorner.de/RSASHA1/16938: file not found

Re: named and use of resolv.conf? - how to "learn" this

2016-08-03 Thread Matthew Pounsett
On 2 August 2016 at 19:50, Evan Hunt wrote: > On Tue, Aug 02, 2016 at 05:04:33PM -0400, Matthew Pounsett wrote: > > Yes it will. But, as far as I understand, it uses the recursive code > paths > > to do that, and won't consult resolv.conf. Yes? > > Correct. However, an option to

Re: named and use of resolv.conf? - how to "learn" this

2016-08-03 Thread Tony Finch
Spumonti Spumonti wrote: > > We have an authoritative server and it has a zone with secondary name > servers owned by another organization. > > This authoritative name server needs to send a NOTIFY to these other > name servers. > > I thought it was enough for BIND to use the