Recently there was an update to ports to BIND 9.10.3 from the previous version BIND 9.10.2-P4
I run BIND on two FreeBSD 10.2 systems.
BIND is authoritative for two Internet DNSSEC domains and is also the resolver for my LAN.
Since updating to 9.10.3,and with no changes to the system or BIND configuration, BIND on one server causes numerous Internet name resolution failures.
Disabling DNSSEC validation by changing in named.conf
to
allows resolving to succeed.
BIND on the second server appears to be unaffected and resolves Internet domains fine after the update with dnssec-validation auto;. The BIND configurations between the two servers are virtually identical as are the file permissions.
Downgrading back to BIND 9.10.2-P4 allows resolving with dnssec-validation auto; to work perfectly as it did prior to the update.
I am not sure how to troubleshoot this issue. Can anyone offer any suggestions?
I run BIND on two FreeBSD 10.2 systems.
BIND is authoritative for two Internet DNSSEC domains and is also the resolver for my LAN.
Since updating to 9.10.3,and with no changes to the system or BIND configuration, BIND on one server causes numerous Internet name resolution failures.
Disabling DNSSEC validation by changing in named.conf
Code:
dnssec-validation auto;
Code:
dnssec-validation no;BIND on the second server appears to be unaffected and resolves Internet domains fine after the update with dnssec-validation auto;. The BIND configurations between the two servers are virtually identical as are the file permissions.
Downgrading back to BIND 9.10.2-P4 allows resolving with dnssec-validation auto; to work perfectly as it did prior to the update.
I am not sure how to troubleshoot this issue. Can anyone offer any suggestions?