[SOLVED] BIND Unable to fetch DNSKEY set '.': timed out

Issues related to configuring your network
Post Reply
Al_Stu
Posts: 50
Joined: 2010/09/14 21:05:16

[SOLVED] BIND Unable to fetch DNSKEY set '.': timed out

Post by Al_Stu » 2020/06/09 09:59:47

Getting log messages like this. Especially at named start up.

Code: Select all

09-Jun-2020 02:14:22.296 general: warning: managed-keys-zone: Unable to fetch DNSKEY set '.': timed out
The system does not have IPv6 Internet service. Removing (commenting out) the roots hint file AAAA entries solved the problem.
(/var/named/named.ca)

The more proper way though is to run named with the IPv4 only mode option flag (-4).
viewtopic.php?f=50&t=74591&sid=fd22655d ... a87916a4a5

BIND still worked. Though it occasionally had some resolver priming query troubles. As well as taking considerable time to be trusted.

A log message like this is what to expect.

Code: Select all

09-Jun-2020 02:15:50.015 general: info: managed-keys-zone: Key 20326 for zone . acceptance timer complete: key now trusted

Post Reply

Return to “CentOS 7 - Networking Support”