[SOLVED] BIND Unable to fetch DNSKEY set '.': timed out

Posted: 2020/06/09 09:59:47
by Al_Stu
Getting log messages like this. Especially at named start up.

Code: Select all

09-Jun-2020 02:14:22.296 general: warning: managed-keys-zone: Unable to fetch DNSKEY set '.': timed out
The system does not have IPv6 Internet service. Removing (commenting out) the roots hint file AAAA entries solved the problem.

The more proper way though is to run named with the IPv4 only mode option flag (-4).
viewtopic.php?f=50&t=74591&sid=fd22655d ... a87916a4a5

BIND still worked. Though it occasionally had some resolver priming query troubles. As well as taking considerable time to be trusted.

A log message like this is what to expect.

Code: Select all

09-Jun-2020 02:15:50.015 general: info: managed-keys-zone: Key 20326 for zone . acceptance timer complete: key now trusted