Hi all,
I continuousely happen to see this message:
> local0.warn named[2291]:
> dnssec: warning: managed-keys-zone: Failed to create fetch for DNSKEY update
I see it on different nameservers, at different sites, with and
without views, with and without IPv6, and I see it every time when
named is restarted.
I couldn't find the message mentioned on google etc.
The docs say DNSSEC for a mere recursive server should work out of the
box with the defaults. Apparently it doesn't, but where could I find a
clue about what my config is missing? (I have nothing at all
configured concerning DNSSEC.)
----------------------------------------
Other clues failing, I took a look at the source, and I suppose things to
bo like that:
lib/dns/zone.c:zone_refreshkeys()
if (result == ISC_R_SUCCESS) {
fetching = true;
} else {
...skipping...
dnssec_log(zone, ISC_LOG_WARNING,
"Failed to create fetch for DNSKEY update
%d", result);
lib/dns/resolver.c:dns_resolver_createfetch()
lib/dns/resolver.c:fctx_create()
lib/dns/view.c:dns_view_findzonecut()
} else if (result != ISC_R_SUCCESS) {
/*
* Something is broken.
*/
(could have almost imagined that ...)
lib/dns/zone.c:dns_zone_getdb()
if (zone->db == NULL) {
result = DNS_R_NOTLOADED;
-----------------------------------------------------
So this doesn't give a clue either :(
Wondering
* WHAT is broken?
* Why does it happen only to me?
Cheerio,
PMc
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
