DNS on F13
François Patte
francois.patte at mi.parisdescartes.fr
Wed Nov 10 07:13:30 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Le 10/11/2010 00:14, Paolo Galtieri a écrit :
> I had configured a local DNS server under F12 and everything was working
> fine. I upgraded the system to F13 and
> setup DNS again. Now I see the following errors.
>
> Nov 9 15:46:28 darkstar named[17913]: validating @0xb4e48968:
> dlv.isc.org <http://dlv.isc.org> SOA: got insecure response; parent
> indicates it should be secure
> Nov 9 15:46:28 darkstar named[17913]: error (insecurity proof failed)
> resolving 'dlv.isc.org/DLV/IN <http://dlv.isc.org/DLV/IN>': 168.158.8.15#53
> Nov 9 15:48:02 darkstar named[17913]: validating @0xb49766e8:
> dlv.isc.org <http://dlv.isc.org> SOA: got insecure response; parent
> indicates it should be secure
> Nov 9 15:48:02 darkstar named[17913]: validating @0xb4977160:
> dlv.isc.org <http://dlv.isc.org> SOA: got insecure response; parent
> indicates it should be secure
> Nov 9 15:48:02 darkstar named[17913]: validating @0xb4977bd8:
> dlv.isc.org <http://dlv.isc.org> SOA: got insecure response; parent
> indicates it should be secure
> Nov 9 15:48:02 darkstar named[17913]: error (no valid RRSIG) resolving
> 'howtoforge.com.dlv.isc.org/DS/IN
> <http://howtoforge.com.dlv.isc.org/DS/IN>': 168.158.8.15#53
> Nov 9 15:48:02 darkstar named[17913]: error (insecurity proof failed)
> resolving 'howtoforge.com.dlv.isc.org/DLV/IN
> <http://howtoforge.com.dlv.isc.org/DLV/IN>': 168.158.8.15#53
> Nov 9 15:48:02 darkstar named[17913]: validating @0xb4724d60:
> dlv.isc.org <http://dlv.isc.org> SOA: got insecure response; parent
> indicates it should be secure
> Nov 9 15:48:02 darkstar named[17913]: error (no valid RRSIG) resolving
> 'www.howtoforge.com.dlv.isc.org/DS/IN
> <http://www.howtoforge.com.dlv.isc.org/DS/IN>': 168.158.8.15#53
> Nov 9 15:48:02 darkstar named[17913]: error (insecurity proof failed)
> resolving 'www.howtoforge.com.dlv.isc.org/DLV/IN
> <http://www.howtoforge.com.dlv.isc.org/DLV/IN>': 168.158.8.15#53
>
> I have 2 servers configured in the forwarders section of named.conf
>
> forwarders { 68.2.16.30; 168.158.8.15; };
>
> It only complains about the second one.
>
> I found Bug 577639 which seems related, but it's marked closed notabug.
>
> So if it's not a bug why am I seeing these errors and how do I go about
> resolving them?
>
> Is this a configuration issue on my side, or is this an issue with my ISP?
>
> The file "/etc/named.iscdlv.key" contains the correct key.
>
> Any assistance is appreciated.
Did you test if it is not related to selinux?
- --
François Patte
UFR de mathématiques et informatique
Université Paris Descartes
45, rue des Saints Pères
F-75270 Paris Cedex 06
Tél. +33 (0)1 8394 5849
http://www.math-info.univ-paris5.fr/~patte
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkzaRhoACgkQdE6C2dhV2JVEoACfTxAXzHh2IQv6IkkyHTFptPzi
5lcAnjXuCgQ1bRJTkH12+CnWddFxlw+L
=RWDS
-----END PGP SIGNATURE-----
More information about the users
mailing list