yeah FreeBSD 10 removed dig from base, but I guess I can install the tools!
The time on the router is set to GMT and shows one hour after m local machine, My local time now is: Thu Mar 13 18:40:23 WET 2014 I tried "domain-insecure: "local"" And this seems to make it work % drill +dnssec @127.0.0.1 yoda.geek.local. A ;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 31171 ;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;; yoda.geek.local. IN A ;; ANSWER SECTION: yoda.geek.local. 39 IN A 10.10.50.50 ;; AUTHORITY SECTION: ;; ADDITIONAL SECTION: ;; Query time: 0 msec ;; SERVER: 127.0.0.1 ;; WHEN: Thu Mar 13 18:43:54 2014 ;; MSG SIZE rcvd: 49 % drill -D @127.0.0.1 yoda.geek.local. A ;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 49043 ;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;; yoda.geek.local. IN A ;; ANSWER SECTION: yoda.geek.local. 36 IN A 10.10.50.50 ;; AUTHORITY SECTION: ;; ADDITIONAL SECTION: ;; Query time: 0 msec ;; EDNS: version 0; flags: do ; udp: 4096 ;; SERVER: 127.0.0.1 ;; WHEN: Thu Mar 13 18:43:57 2014 ;; MSG SIZE rcvd: 60 So that is indeed odd, If i do this: rill @127.0.0.1 yoda.geek.local. A ;; ->>HEADER<<- opcode: QUERY, rcode: SERVFAIL, id: 52645 ;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;; yoda.geek.local. IN A ;; ANSWER SECTION: ;; AUTHORITY SECTION: ;; ADDITIONAL SECTION: ;; Query time: 374 msec ;; SERVER: 127.0.0.1 ;; WHEN: Thu Mar 13 18:40:58 2014 So its failing dnsec validation but the log doens't show it?
_______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
