1. Forum
  2. Newsgroups
  3. comp.protocols.dns.bind

  • unknown option 'trust-anchors'

    From @lbutlr@[email protected] to bind-users on Sun Jul 5 07:51:29 2020
    From Newsgroup: comp.protocols.dns.bind

    In named.conf I have
    dnssec-enable yes;
    dnssec-validation auto;
    # rndc managed-keys status
    view: _default
    next scheduled event: Sun, 05 Jul 2020 20:43:00 GMT
    name: .
    keyid: 20326
    algorithm: RSASHA256
    flags: SEP
    next refresh: Sun, 05 Jul 2020 20:43:00 GMT
    trusted since: Mon, 21 Jan 2019 14:53:55 GMT
    mail # rndc reload
    rndc: 'reload' failed: failure
    mail # tail /var/log/messages
    Jul 5 07:41:24 mail.covisp.net named[53940] /usr/local/etc/namedb/bind.keys:29: unknown option 'trust-anchors'
    Jul 5 07:41:24 mail.covisp.net named[53940] reloading configuration failed: failure
    Bind is currently running just fine and has been since 8 June.
    The bind.keys file has:
    # See https://data.iana.org/root-anchors/root-anchors.xml for current trust
    # anchor information for the root zone.
    But that URL does not load and gives an XML error.
    --
    <http://xkcd.com/241/>
    <http://xkcd.com/304/>
    <http://xkcd.com/635/> <=-
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From @lbutlr@[email protected] to bind-users on Sun Jul 5 16:36:11 2020
    From Newsgroup: comp.protocols.dns.bind

    On 05 Jul 2020, at 07:51, @lbutlr via bind-users <[email protected]> wrote:
    mail # rndc reload
    rndc: 'reload' failed: failure
    mail # tail /var/log/messages
    Jul 5 07:41:24 mail.covisp.net named[53940] /usr/local/etc/namedb/bind.keys:29: unknown option 'trust-anchors'
    Jul 5 07:41:24 mail.covisp.net named[53940] reloading configuration failed: failur
    When checking on things I see that despite INSTALLING bind 9.16 I neglected to restart bind at the time, so the running version is still 9.14.11. Could this be the cause of this issue? I am loathe to stop and restart named in case this is NOT the issue and I then end up with a non-functioning primary DNS.
    --
    'The only reason we're still alive now is that we're more fun alive
    than dead,' said Granny's voice behind her. --Lords and Ladies
    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From Mark Andrews@[email protected] to @lbutlr on Mon Jul 6 09:27:25 2020
    From Newsgroup: comp.protocols.dns.bind

    Yes, that is the issue.
    On 6 Jul 2020, at 08:36, @lbutlr <[email protected]> wrote:

    On 05 Jul 2020, at 07:51, @lbutlr via bind-users <[email protected]> wrote:
    mail # rndc reload
    rndc: 'reload' failed: failure
    mail # tail /var/log/messages
    Jul 5 07:41:24 mail.covisp.net named[53940] /usr/local/etc/namedb/bind.keys:29: unknown option 'trust-anchors'
    Jul 5 07:41:24 mail.covisp.net named[53940] reloading configuration failed: failur

    When checking on things I see that despite INSTALLING bind 9.16 I neglected to restart bind at the time, so the running version is still 9.14.11. Could this be the cause of this issue? I am loathe to stop and restart named in case this is NOT the issue and I then end up with a non-functioning primary DNS.



    --
    'The only reason we're still alive now is that we're more fun alive
    than dead,' said Granny's voice behind her. --Lords and Ladies

    _______________________________________________
    Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

    ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


    bind-users mailing list
    [email protected]
    https://lists.isc.org/mailman/listinfo/bind-users
    --
    Mark Andrews, ISC
    1 Seymour St., Dundas Valley, NSW 2117, Australia
    PHONE: +61 2 9871 4742 INTERNET: [email protected]
    --- Synchronet 3.18a-Linux NewsLink 1.113