DNS Problems in Fedora 12 and 13

After a recent updates to DNS (BIND) packages, Fedora 12 and 13 have begun experiencing some problems with the DNS service. The named service fails to start with with the following error:

Error in named configuration:
/etc/pki/dnssec-keys//named.dnssec.keys:1: open: /etc/pki/dnssec-keys//production/bg.conf: file not found

The update was not a fortunate one and an official fix will probably be issued soon. A quick way to resolve this problem is to disable the DNSSEC options in named. Edit /etc/named.conf and comment the following lines using double slashes so they look like the ones below:

//dnssec-enable yes;
//dnssec-validation yes;
//dnssec-lookaside . trust-anchor dlv.isc.org.;

and at the bottom of the same file:

//include “/etc/pki/dnssec-keys//named.dnssec.keys”;
//include “/etc/pki/dnssec-keys//dlv/dlv.isc.org.conf”;

The DNSSEC features adds digital signatures to your DNS queries. If you need the digital signature for your DNS queries, this is not the solution for you.

Leave a Reply