DNS KSK rollover, local_unbound and 11.2-STABLE
Dag-Erling Smørgrav
des at des.no
Sat Oct 13 10:16:07 UTC 2018
Eugene Grosbein <eugen at grosbein.net> writes:
> The commands "unbound-anchor -vv; cat /var/unbound/root.key" show:
> [...]
> ; created by unbound-anchor on Sat Oct 13 14:28:12 2018
> . IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
> . IN DS 20326 8 2 E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D
>
> Several seconds later, "cat /var/unbound/root.key" shows:
> [...]
> It seems, distinct processes update the file and one of them fails.
You're supposed to run unbound-anchor *before* starting unbound (and the
rc script will automatically do that if /var/unbound/root.key does not
exist). What you're seeing now is unbound periodically overwriting
root.key with what it has in memory.
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-net
mailing list