That must have been it. I spun a new package and installed in on my firewall, rebooted, and I'm not seeing the issue.
> On Dec 28, 2022, at 12:24 AM, Ondřej Surý <ond...@isc.org> wrote: > > Hi, > > running latest upstream version first might save you some time, it’s this: > > https://gitlab.isc.org/isc-projects/bind9/-/issues/2895 > > > Ondrej > -- > Ondřej Surý — ISC (He/Him) > > My working hours and your working hours may be different. Please do not feel > obligated to reply outside your normal working hours. > >> On 28. 12. 2022, at 1:51, Philip Prindeville >> <philipp_s...@redfish-solutions.com> wrote: >> >> Hi, >> >> I notice that went Bind 9.18.7 comes up on OpenWRT, and I'm running it as a >> local resolver, resolution initially doesn't work and I get a lot of noise >> in /var/log/messages like: >> >> Dec 27 17:27:12 OpenWrt named[13171]: validating org/DS: no valid signature >> found >> Dec 27 17:27:12 OpenWrt named[13171]: no valid RRSIG resolving 'org/DS/IN': >> 193.0.14.129#53 >> Dec 27 17:27:12 OpenWrt named[13171]: validating org/DS: no valid signature >> found >> Dec 27 17:27:12 OpenWrt named[13171]: no valid RRSIG resolving 'org/DS/IN': >> 198.97.190.53#53 >> Dec 27 17:27:12 OpenWrt named[13171]: validating org/DS: no valid signature >> found >> Dec 27 17:27:12 OpenWrt named[13171]: no valid RRSIG resolving 'org/DS/IN': >> 202.12.27.33#53 >> Dec 27 17:27:12 OpenWrt named[13171]: broken trust chain resolving >> '_.linksys.pool.ntp.org/A/IN': 185.209.85.151#53 >> Dec 27 17:27:12 OpenWrt named[13171]: validating 0.linksys.pool.ntp.org/A: >> bad cache hit (org/DS) >> Dec 27 17:27:12 OpenWrt named[13171]: broken trust chain resolving >> '0.linksys.pool.ntp.org/A/IN': 45.127.112.23#53 >> Dec 27 17:27:13 OpenWrt named[13171]: validating tabletcaptiveportal.com/A: >> bad cache hit (com/DS) >> Dec 27 17:27:13 OpenWrt named[13171]: broken trust chain resolving >> 'tabletcaptiveportal.com/A/IN': 205.251.195.137#53 >> Dec 27 17:27:13 OpenWrt named[13171]: validating syringanetworks.net/SOA: >> bad cache hit (net/DS) >> Dec 27 17:27:13 OpenWrt named[13171]: broken trust chain resolving >> '_.voip.syringanetworks.net/A/IN': 66.232.66.3#53 >> Dec 27 17:27:13 OpenWrt named[13171]: validating syringanetworks.net/SOA: >> bad cache hit (net/DS) >> Dec 27 17:27:13 OpenWrt named[13171]: broken trust chain resolving >> '_._udp.voip.syringanetworks.net/A/IN': 66.232.66.3#53 >> Dec 27 17:27:13 OpenWrt named[13171]: validating syringanetworks.net/SOA: >> bad cache hit (net/DS) >> Dec 27 17:27:13 OpenWrt named[13171]: broken trust chain resolving >> '_sip._udp.voip.syringanetworks.net/SRV/IN': 66.232.66.3#53 >> >> Until I run a script that contains: >> >> #!/bin/sh >> >> rm -f /tmp/managed-keys.bind* /tmp/*.jnl >> >> rndc managed-keys refresh >> rndc managed-keys sync >> >> /etc/init.d/named restart >> >> And the "restart" command basically kills the old instance of the server, >> then restarts it. Then the errors go away and everything works. >> >> What does this point to as being wrong in the startup scripts so I can fix >> it? >> >> Thanks, >> >> -Philip >> >> >> >> >> -- >> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from >> this list >> >> ISC funds the development of this software with paid support subscriptions. >> Contact us at https://www.isc.org/contact/ for more information. >> >> >> bind-users mailing list >> bind-users@lists.isc.org >> https://lists.isc.org/mailman/listinfo/bind-users -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
