August 14, 2010    


 

 


After a recent updates to DNS (BIND) packages, Fedora 12 and 13 have begun experiencing some problems with the DNS service. The named service fails to start with with the following error:

Error in named configuration:
/etc/pki/dnssec-keys//named.dnssec.keys:1: open: /etc/pki/dnssec-keys//production/bg.conf: file not found

The update was not a fortunate one and an official fix will probably be issued soon. A quick way to resolve this problem is to disable the DNSSEC options in named. Edit /etc/named.conf and comment the following lines using double slashes so they look like the ones below:

//dnssec-enable yes;
//dnssec-validation yes;
//dnssec-lookaside . trust-anchor dlv.isc.org.;

and at the bottom of the same file:

//include “/etc/pki/dnssec-keys//named.dnssec.keys”;
//include “/etc/pki/dnssec-keys//dlv/dlv.isc.org.conf”;

The DNSSEC features adds digital signatures to your DNS queries. If you need the digital signature for your DNS queries, this is not the solution for you.



 

 


You must be logged in to leave a reply.