Hello, We recently replaced 3 BIND 9 servers with newer ones.
For whatever reason during the initial setup process the 3 servers all failed to download the dnssec key for '.' And there was no indication whatsoever that this failed. I would propose that if the server is configured as a caching nameserver that if it cannot download the key the service shouldn't start at all or there should be some very forceful indication that it didn't work. Also does anyone know under what conditions that process fails? I'd like to avoid this in the future. Thanks, -Drew
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
