Skip to Content.
Sympa Menu

discuss - [opennic-discuss] DNSSec troubles

discuss AT

Subject: Discuss mailing list

List archive

[opennic-discuss] DNSSec troubles

Chronological Thread 
  • From: Justin Vallon <justinvallon AT>
  • To: discuss AT
  • Subject: [opennic-discuss] DNSSec troubles
  • Date: Sat, 29 Jun 2013 13:28:32 -0400

I recently upgraded to bind 9.9.3-P1 (MacPorts), which enables DNSSec by default. One of my servers is

My bind configuration uses "forward only; forwarders {; };". But, all queries timeout with security errors in the log.

If I use Google Public DNS (, or the root servers, bind is happy and responds to queries.

I looked at dig and compared "dig @SERVER +dnssec", but saw no difference in the responses.

On the bind side, I have set "dnssec-validation auto". Everything else is standard.

JustinVallon AT

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Archive powered by MHonArc 2.6.19.

Top of Page