[Unbound-users] Not sure if and why DNSSEC not working
Jaap Akkerhuis
jaap at NLnetLabs.nl
Mon Jun 23 15:08:24 UTC 2014
Using unbound v_1.4.22 on different LAN IP (my resolv.conf points to
192.168.2.xx as DNS resolver, a VM on the LAN). syslog from unbound
startup shows key & hints files being read. But, neither "drill -TD
-k /var/unbound/root.key" nor web-based checks show active DNSSEC (for
ex http://dnssec.vs.uni-due.de/ gives "No, your DNS resolver does NOT
validate DNSSEC signatures"). unbound.conf has no forward-zones.
Shouldn't that be /etc/unbound/root.key? That is what man drill tells
me.
jaap
More information about the Unbound-users
mailing list