local_unbound broken in 11.2-p13

Wolfgang Zenker wolfgang at lyxys.ka.sub.org
Wed Aug 7 09:51:24 UTC 2019


Hi,

I was trying to use local_unbound in a jail on a newly configured server
running 11.2-p13. First using an external nameserver in resolv.conf
(works) and after starting local_unbound for the first time, config was
created and local_unbound starts ok, but any queries get an answer with
rcode SERVFAIL. No information in /var/log/messages. Same setup on 11.2-p9
works as expected.

Comparing config on both servers, it appears that local_inbound now
creates a root.key file with a DS record for the root zone, while the
working installation has a DNSKEY record for the root zone. Changing
the root.key file to one with DNSKEY record gets local_unbound working
again.

Wolfgang


More information about the freebsd-stable mailing list