Date: Thu, 25 Oct 2012 15:11:14 +0200 From: Damien Fleuriot <ml@my.gd> To: freebsd-questions@freebsd.org Subject: BIND - slaving the root zone and signature expired Message-ID: <CAE63ME7w8VBXS=zU42Mr0dOWxhttDm56KG-Wbbr5x03w-B_kVg@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hello list,
Anyone else experienced this problem today ?
We slave the root zone and have received "signature expired" errors.
We slave the root zone like so:
zone "." {
type slave;
file "/etc/namedb/slave/root.slave";
masters {
192.5.5.241; // F.ROOT-SERVERS.NET.
};
notify no;
};
zone "arpa" {
type slave;
file "/etc/namedb/slave/arpa.slave";
masters {
192.5.5.241; // F.ROOT-SERVERS.NET.
};
notify no;
};
And got the following errors:
====
messages.2:Oct 25 08:25:46 pf1 named[23251]: starting BIND 9.6.-ESV-R7
-t /var/named -u bind
messages.2:Oct 25 08:25:46 pf1 named[23251]: built with
'--prefix=/usr' '--infodir=/usr/share/info' '--mandir=/usr/share/man'
'--enable-threads' '--enable-getifaddrs' '--disable-linux-caps'
'--with-openssl=/usr' '--with-randomdev=/dev/random' '--without-idn'
'--without-libxml2'
messages.2:Oct 25 08:25:46 pf1 named[23251]:
----------------------------------------------------
messages.2:Oct 25 08:25:46 pf1 named[23251]: BIND 9 is maintained by
Internet Systems Consortium,
messages.2:Oct 25 08:25:46 pf1 named[23251]: Inc. (ISC), a non-profit
501(c)(3) public-benefit
messages.2:Oct 25 08:25:46 pf1 named[23251]: corporation. Support and
training for BIND 9 are
messages.2:Oct 25 08:25:46 pf1 named[23251]: available at
https://www.isc.org/support
messages.2:Oct 25 08:25:46 pf1 named[23251]:
----------------------------------------------------
messages.2:Oct 25 08:25:46 pf1 named[23251]: command channel listening
on 127.0.0.1#953
messages.2:Oct 25 08:25:46 pf1 named[23251]: command channel listening
on ::1#953
messages.2:Oct 25 08:25:46 pf1 named[23251]:
/etc/namedb/slave/root.slave:10: signature has expired
messages.2:Oct 25 08:25:46 pf1 named[23251]:
/etc/namedb/slave/arpa.slave:10: signature has expired
messages.2:Oct 25 08:25:46 pf1 named[23251]: running
messages.2:Oct 25 08:25:46 pf1 named[23251]: zone ./IN: expired
messages.2:Oct 25 08:25:46 pf1 named[23251]: zone arpa/IN: expired
messages.2:Oct 25 08:27:16 pf1 named[23251]: transfer of 'arpa/IN'
from 192.5.5.241#53: failed while receiving responses: connection
reset
messages.2:Oct 25 08:27:17 pf1 named[23251]: transfer of './IN' from
192.5.5.241#53: failed while receiving responses: connection reset
messages.2:Oct 25 08:28:47 pf1 named[23251]: transfer of './IN' from
192.5.5.241#53: failed while receiving responses: connection reset
messages.2:Oct 25 08:28:47 pf1 named[23251]: transfer of 'arpa/IN'
from 192.5.5.241#53: failed while receiving responses: connection
reset
messages.2:Oct 25 08:30:37 pf1 named[23251]: transfer of 'arpa/IN'
from 192.5.5.241#53: failed while receiving responses: connection
reset
messages.2:Oct 25 08:30:42 pf1 named[23251]: transfer of './IN' from
192.5.5.241#53: failed while receiving responses: connection reset
messages.2:Oct 25 08:32:47 pf1 named[23251]: stopping command channel
on 127.0.0.1#953
messages.2:Oct 25 08:32:47 pf1 named[23251]: stopping command channel on ::1#953
messages.2:Oct 25 08:32:47 pf1 named[23251]: exiting
====
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAE63ME7w8VBXS=zU42Mr0dOWxhttDm56KG-Wbbr5x03w-B_kVg>