Date: Tue, 25 Mar 2014 06:33:08 -0700 (PDT) From: Beeblebrox <zaphod@berentweb.com> To: freebsd-questions@freebsd.org Subject: Re: No DNS-resolution after going to "unbound" Message-ID: <1395754388253-5897510.post@n5.nabble.com> In-Reply-To: <20140325103304.GA1621@aurora.oekb.co.at> References: <20140325103304.GA1621@aurora.oekb.co.at>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi. You have enabled DNSSEC with auto-trust-anchor-file: /var/unbound/root.key Did you run "#unbound-anchor" first in order to generate the key? Read: http://www.unbound.net/documentation/howto_anchor.html "You must obtain an initial trust anchor. The unbound-anchor tool provides an initial anchor from builtin values" You can also try and see if the problem goes away (for testing) when "auto-trust-anchor-file" is disabled. Also, I assume this holds your forward-zone info? include: /var/unbound/forward.conf Make sure the list in that file contains DNSSEC-enabled servers. If the list contains non-DNSSEC servers, it won't work. Alternatively, if you have setup (copy/paste) your "root.hints" file, you do noy need to specify any forward-zone at all. Run unbound & unbound-anchor with all forward zone settings disabled - root-hints will take care of it all with "default servers". ----- FreeBSD-11-current_amd64_root-on-zfs_RadeonKMS -- View this message in context: http://freebsd.1045724.n5.nabble.com/No-DNS-resolution-after-going-to-unbound-tp5897465p5897510.html Sent from the freebsd-questions mailing list archive at Nabble.com.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1395754388253-5897510.post>