Branko Mijuskovic <branko.mijuskovic.h...@gmail.com> wrote: > > We have an authoritative DNS hidden master (bind-9.11.4-9) running behind > the network where outgoing UDP traffic to unlisted IPs is blocked. > > We are using DNSSEC and I've noticed that we are getting following errors > in the bind9 logfile: 'managed-keys-zone/default: Unable to fetch DNSKEY > set '.': timed out'
I have configured my hidden primary with a `forwarders` clause pointing at my recursive servers, which should stop it from trying to talk to the outside world. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ Irish Sea: Westerly 5 to 7, occasionally gale 8 later in south. Moderate, becoming rough or very rough in south. Wintry showers. Good, occasionally poor. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
