On Fri, 8 Apr 2016, Bhangui, Sandeep - BLS CTR wrote:
> '--enable-newstats' '--with-libxml2' '--enable-fullreport' 'CFLAGS=-O2 Unrelated to your problem, but the --enable-newstats configure switch is not used for BIND 9.10. > 1. Cannot seem to start named and it seems that it is looking for some > keys to validation locally. (I reordered your email some:) > Apr 7 15:15:32 cfdnsquar01 named[37952]: isc_stdio_open > '/usr/local/named-jail9.10.3P4/var/adm/named.log' failed: file not > found > Apr 7 15:15:32 cfdnsquar01 named[37952]: configuring logging: file not > found > Apr 7 15:15:32 cfdnsquar01 named[37952]: loading configuration: file > not found > Apr 7 15:15:32 cfdnsquar01 named[37952]: exiting (due to fatal error) Your named cannot start due to logging configuration. You didn't share your configuration elated to it, but does the directory /usr/local/named-jail9.10.3P4/var/adm/ exist? > I believe managed-key-zone validation is by default enabled in > Bind......is there an option that I can use in named.conf file to > disable that so that it does not look for the key......I guess this is > just a self-validation on the master itself and has nothing to do with > DNSSEC signing as it seems I am not even able to get the named up... Yes, it is unrelated. > I guess question is do I have an option that I can specify such that > it will not look for self-validation keys at all so that I do not have > to deal with rndc.key and rndc.conf or is this something I cannot get > by with when I use "views" ? Or am I not understanding this properly? The rndc keys (used for connecting to the control interface) are unrelated to the keys used with DNSSEC. But for operations it is a good idea. See the ARM and/or rndc-confgen manpage about generating the rndc configuration. Let's get your named startup working first before we work on your goal. (If I understand correctly, you want named to serve internally unsigned zones, an external appliance will sign the zones, and then named can then serve the signed zones publicly.) _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
