A question can be a good question, without being the right question...
On Sun, 16 Apr 2023, Petr Menšík via Unbound-users wrote:
[...] I consider it a problem that this wrong date will *not*
fix automatically in otherwise default configuration.
Like many other systems, Fedora tries to use chrony service to use NTP to
synchronize and correct the time. Problem is unless the user has configured
fixed IP or NTP servers were provided by DHCP, it needs to do DNS resolution.
This is where it starts to go off the rails for me. I mean: where?
Someplace which is neither configured a fixed address or provisioned
with DHCP... and yet is connected to the internet: where is that?
So since when is mDNS protected by DNSSEC? Is mDNS supposed to even
require internet?
Fedora uses 2.fedora.pool.ntp.org. ntp.org is not signed, but org. has to
pass validation.
Is there an internet connection? How does that work without a fixed IP or
DHCP or mDNS?
[...]
I would like to ask opinions how this should be fixed to autocorrect
auto-magically. I am aware unbound is more usually used on servers, which
should keep time synced on boot and are not powered off for extended time.
But I think it is a good choice also for workstations.
This has been an issue with TSIG for forever. If something is that broken,
maybe somebody should wake up and pay attention: what if the whole
datacenter has come adrift of its time moorings? (DAMHIK!)
I really can't picture what network you're envisioning, and if it's DR or
"internet in a box" then that entails forethought.
Convince me that this is a DNS problem...
--
Fred Morris
