DNS KSK rollover, local_unbound and 11.2-STABLE
Eugene Grosbein
eugen at grosbein.net
Sat Oct 13 11:50:44 UTC 2018
13.10.2018 18:38, Dag-Erling Smørgrav wrote:
> Eugene Grosbein <eugen at grosbein.net> writes:
>> This nanobsd does not have root.key in its persistent configuration
>> and runs mpd5 from ports as PPPoE client for global connectivity.
>>
>> According to rcorder, /etc/rc.d/local_unbound runs BEFORE: NETWORKING
>> and much earlier then /usr/local/etc/rc.d/mpd5 is started that REQUIRES: SERVERS
>>
>> So, local_unbound startup script has no chance to update root.key with unbound-anchor
>> and the unbound daemon starts with no root.key at all.
>
> That's not a supported configuration.
This is pretty normal for a system to start when no global connectivity exists,
think of external network failures etc. Robust system should support this
and automatically revive once connectivity is back.
Why unbound daemon fails to update root.key after start?
More information about the freebsd-net
mailing list