DNSSEC question

James B. Byrne byrnejb at harte-lyne.ca
Sat Jun 8 00:25:30 UTC 2019

We are running a DNS master using the BIND-9.11 pkg for FreeBDS-12.0p5.

We have run into a problem with a couple of our domains that use
DNSSEC.  Specifically we have started to see this error when loading
those zones:

07-Jun-2019 19:58:56.342 zone harte-lyne.ca/IN/public (unsigned):
loaded serial 2019070706
07-Jun-2019 19:58:56.342 dns_master_load: file format mismatch (not raw)
07-Jun-2019 19:58:56.342 zone harte-lyne.ca/IN/public (signed):
loading from master file
/usr/local/etc/namedb/master/harte-lyne.ca.hosts.signed failed: not
07-Jun-2019 19:58:56.342 zone harte-lyne.ca/IN/public (signed): not
loaded due to errors.

I have searched for a solution to this for hours and the only solution
that I found for this specific error is to add the clause:

        masterfile-format text;

to the zone declaration block in named.conf.  However, this changes
nothing.  The error persists.

What is it about the hosts.signed file that BIND complaining about?

I need to get this fixed but I am out of ideas as to what is really

***          e-Mail is NOT a SECURE channel          ***
        Do NOT transmit sensitive data via e-Mail
 Do NOT open attachments nor follow links sent by e-Mail

James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3

More information about the freebsd-questions mailing list