RE: DNSSEC Error Log - named[4132]: managed-keys-zone/“externals”: Unable to fetch DNSKEY set '.': timed out

2019-08-06 Thread Tony Finch
LeBlanc, Daniel James wrote: > > Our authoritative servers are not sending notifies anywhere, and we use > only IPs within the config file (Ansible managed) so I wouldn’t expect > that any NS records are being resolved. You need to have `notify no` or `notify explicit` in the authoritative view,

RE: DNSSEC Error Log - named[4132]: managed-keys-zone/“externals”: Unable to fetch DNSKEY set '.': timed out

2019-08-06 Thread LeBlanc, Daniel James
Hi Tony. Thanks for your detailed response. We do have ACLs in place for the internals and externals views, which partly explains the differences in behaviour. Our authoritative servers are not sending notifies anywhere, and we use only IPs within the config file (Ansible managed) so I wouldn’