From owner-freebsd-questions@FreeBSD.ORG  Thu Oct 25 13:11:17 2012
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
 by hub.freebsd.org (Postfix) with ESMTP id BC183F47
 for <freebsd-questions@freebsd.org>; Thu, 25 Oct 2012 13:11:17 +0000 (UTC)
 (envelope-from ml@my.gd)
Received: from mail-ia0-f182.google.com (mail-ia0-f182.google.com
 [209.85.210.182])
 by mx1.freebsd.org (Postfix) with ESMTP id 820A88FC0A
 for <freebsd-questions@freebsd.org>; Thu, 25 Oct 2012 13:11:16 +0000 (UTC)
Received: by mail-ia0-f182.google.com with SMTP id k10so1661644iag.13
 for <freebsd-questions@freebsd.org>; Thu, 25 Oct 2012 06:11:14 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=google.com; s=20120113;
 h=mime-version:date:message-id:subject:from:to:content-type
 :x-gm-message-state;
 bh=Sz7iOmtQHgvmRzyFW475mcp2okBc+urQ1MR0fIuJ+4U=;
 b=RmO15WWkgaNyuLfpA/VzzUE/pcxShIgt7K42APr4EOB3RLwo+bexY+R0R5j+pteRve
 dbfkRUa4++3UUAj0sbbt9q5vma5xiCRXVOyYVyvx73B3uECcrPjHnVl7CDaN82cU7Gam
 ms691YVOfyALMzdoi/4E7qY9vh5jPzRTpS0aYXLdEgF8srzigd36rWfdBrkq8COH7nKS
 unY1aNyIMUu9FojAq38C8oPnMgnFHI+on3R2t/Sc+oRIUE1HyrwFyUaxRrax4mhFl3CA
 xNWIKh0d6vZSpr8X+4EnYy3CvR344zGofSwHiVulfpomyGA22+AG1m++Nd6XZcxT+mAK
 gB2Q==
MIME-Version: 1.0
Received: by 10.50.185.195 with SMTP id fe3mr5823164igc.25.1351170674728; Thu,
 25 Oct 2012 06:11:14 -0700 (PDT)
Received: by 10.64.26.7 with HTTP; Thu, 25 Oct 2012 06:11:14 -0700 (PDT)
Date: Thu, 25 Oct 2012 15:11:14 +0200
Message-ID: <CAE63ME7w8VBXS=zU42Mr0dOWxhttDm56KG-Wbbr5x03w-B_kVg@mail.gmail.com>
Subject: BIND - slaving the root zone and signature expired
From: Damien Fleuriot <ml@my.gd>
To: freebsd-questions@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
X-Gm-Message-State: ALoCoQk1RaLfcP/3+LmG48TpXdWmbgs/WVdkquCakvFSXtwLT3rkjzXIjKlG3xSfXcrRBO3gA7kA
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Oct 2012 13:11:17 -0000

Hello list,



Anyone else experienced this problem today ?

We slave the root zone and have received "signature expired" errors.




We slave the root zone like so:
zone "." {
	type slave;
	file "/etc/namedb/slave/root.slave";
	masters {
		192.5.5.241;	// F.ROOT-SERVERS.NET.
	};
	notify no;
};
zone "arpa" {
	type slave;
	file "/etc/namedb/slave/arpa.slave";
	masters {
		192.5.5.241;	// F.ROOT-SERVERS.NET.
	};
	notify no;
};



And got the following errors:

====
messages.2:Oct 25 08:25:46 pf1 named[23251]: starting BIND 9.6.-ESV-R7
-t /var/named -u bind
messages.2:Oct 25 08:25:46 pf1 named[23251]: built with
'--prefix=/usr' '--infodir=/usr/share/info' '--mandir=/usr/share/man'
'--enable-threads' '--enable-getifaddrs' '--disable-linux-caps'
'--with-openssl=/usr' '--with-randomdev=/dev/random' '--without-idn'
'--without-libxml2'
messages.2:Oct 25 08:25:46 pf1 named[23251]:
----------------------------------------------------
messages.2:Oct 25 08:25:46 pf1 named[23251]: BIND 9 is maintained by
Internet Systems Consortium,
messages.2:Oct 25 08:25:46 pf1 named[23251]: Inc. (ISC), a non-profit
501(c)(3) public-benefit
messages.2:Oct 25 08:25:46 pf1 named[23251]: corporation.  Support and
training for BIND 9 are
messages.2:Oct 25 08:25:46 pf1 named[23251]: available at
https://www.isc.org/support
messages.2:Oct 25 08:25:46 pf1 named[23251]:
----------------------------------------------------
messages.2:Oct 25 08:25:46 pf1 named[23251]: command channel listening
on 127.0.0.1#953
messages.2:Oct 25 08:25:46 pf1 named[23251]: command channel listening
on ::1#953
messages.2:Oct 25 08:25:46 pf1 named[23251]:
/etc/namedb/slave/root.slave:10: signature has expired
messages.2:Oct 25 08:25:46 pf1 named[23251]:
/etc/namedb/slave/arpa.slave:10: signature has expired
messages.2:Oct 25 08:25:46 pf1 named[23251]: running
messages.2:Oct 25 08:25:46 pf1 named[23251]: zone ./IN: expired
messages.2:Oct 25 08:25:46 pf1 named[23251]: zone arpa/IN: expired
messages.2:Oct 25 08:27:16 pf1 named[23251]: transfer of 'arpa/IN'
from 192.5.5.241#53: failed while receiving responses: connection
reset
messages.2:Oct 25 08:27:17 pf1 named[23251]: transfer of './IN' from
192.5.5.241#53: failed while receiving responses: connection reset
messages.2:Oct 25 08:28:47 pf1 named[23251]: transfer of './IN' from
192.5.5.241#53: failed while receiving responses: connection reset
messages.2:Oct 25 08:28:47 pf1 named[23251]: transfer of 'arpa/IN'
from 192.5.5.241#53: failed while receiving responses: connection
reset
messages.2:Oct 25 08:30:37 pf1 named[23251]: transfer of 'arpa/IN'
from 192.5.5.241#53: failed while receiving responses: connection
reset
messages.2:Oct 25 08:30:42 pf1 named[23251]: transfer of './IN' from
192.5.5.241#53: failed while receiving responses: connection reset
messages.2:Oct 25 08:32:47 pf1 named[23251]: stopping command channel
on 127.0.0.1#953
messages.2:Oct 25 08:32:47 pf1 named[23251]: stopping command channel on ::1#953
messages.2:Oct 25 08:32:47 pf1 named[23251]: exiting
====