failed to prime trust anchor
dy1977 at orange.fr
dy1977 at orange.fr
Sun May 1 18:43:34 UTC 2022
Hello
I am facing a sudden problem on several devices :
lists of errors in Unboud log :
info: generate keytag query _ta-4f66. NULL IN
info: failed to prime trust anchor -- could not fetch DNSKEY rrset .
DNSKEY IN
100 lines of that, around 10 times the first line, and 90 times the second.
and after that :
info: validation failure <e.root-servers.net. A IN>: no DNSKEY rrset
from 192.36.148.17 and 192.36.148.17 and (...) for trust anchor . while
building chain of trust
and this repeated for b.root..., c.root... and so on.
At the place where I wrote (...) a list of Ip addresses, which can be
the same address repeated up to 25 times, or different addresses, some
repeated and others no.
Sometimes using unbound-anchor seemed to fix the problem, other times
no. The command is successful, but the messages still appear.
These errors appear suddenly for un unknown reason.
I saw in a PfSense forum that this may come from having dnssec anb
forwarding at the same time. But forwarding is not used here.
Any clue to understand would be appreciated.
Thanks
Dysmas
--
L'absence de virus dans ce courrier électronique a été vérifiée par le logiciel antivirus Avast.
https://www.avast.com/antivirus
More information about the Unbound-users
mailing list