unbound fails to resolve .org domain with DNSSEC
Paul Wouters
paul at nohats.ca
Mon Sep 10 20:36:06 UTC 2018
On Mon, 10 Sep 2018, Paulo Roberto Tomasi via Unbound-users wrote:
> I'm trying to deploy an unbound installation in Ubuntu 16.04, but with no success enabling DNSSEC.
> when trust-anchor-file: "/var/lib/unbound/root.key" is active (uncommented), all .org domains aren't resolved (other domains are resolved
> correctly):
Is your unbound instance behind an old bind forwarder? There were some
bind versions that did not properly return all records needed for DNSSEC
validation in certain cases. Can you try with unbound having direct
unfiltered port 53 to the internet?
Paul
More information about the Unbound-users
mailing list