We started seeing these today from 1425 PST to 1532 PST :
Mar 17 14:45:27 a unbound: [7326:0] info: validation failure
<a.root-servers.net. A IN>: no DNSSEC records from 128.8.10.90 for DS
root-servers.net. while building chain of trust
We removed the box from the cluster, even though it seemed to still be
serving DNS requests just fine.
Anyone know why this happened? Some mis-configuration on my end?
Unbound 1.4.16
Relevant configuration entries:
# grep -v "#" /etc/unbound.conf | perl -pe 's/^\s$//'
server:
verbosity: 1
interface: 0.0.0.0
interface: ::0
interface-automatic: yes
port: 53
access-control: 0.0.0.0/0 allow
hide-identity: yes
hide-version: no
version: "Served by Unbound - http://www.unbound.net";
auto-trust-anchor-file: "/var/unbound/root.key"
val-log-level: 2
local-zone: "monitor.zone" transparent
local-data: "monitor.zone A 127.0.0.1"
python:
remote-control:
control-enable: yes
control-interface: 0.0.0.0
control-interface: ::0
--
Augie Schwer - [email protected] - http://schwer.us
_______________________________________________
Unbound-users mailing list
[email protected]
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
