DNSSEC randomly failed how to re-configure

Discussion in 'Server Operation' started by Redwarp, Sep 20, 2024.

  1. Redwarp

    Redwarp Member

    Hello any help appreciated,
    A couple of weeks ago my (single DNS) server stopped functioning (bind stopped), so no resolution of any DNS.
    Obviously I was in a hurry to get it back up, what I found was:
    when these lines were in named.conf.options:
    dnssec-enable yes;
    dnssec-validation yes;

    version "unknown";

    allow-transfer {none;};

    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
    bind9 would not fire up.
    When I changed the named.conf.options to the following lines in relation to dnssec:
    dnssec-validation auto;

    listen-on-v6 { any; };
    The dns server came back up.
    I have no idea why this fell over in the first place. I don't know if the signing key can expire or not (it was all set up on the DNS (UI) for the main domain of the server).
    DNS has continued to function ever since, but I have had lots more spam hitting my server (and being taken in rather than rejected).
    So, I am trying to get DNSSEC back as it should be.
    FIRST question... is there a tutorial that can walk me through how to remove the old UI setup and re-create it? Seems this would be the best solution. I cannot find anything that looks pertinent to my situation.
    NB... I tried manually editing named.conf.options to its original as above and (obviously) bind9 subsequently refuses to fire up (no surprise, as I haven't got to/fixed the root cause of the issue).

    Hope someone can advise.
    ISPConfig Version: 3.2.7p1
     
  2. pyte

    pyte Well-Known Member HowtoForge Supporter

    If it is ISPConfig related you should post it in the correct forums. And please use Code-Tags in the Editor when posting logs or configuration file snippets in the forum, it's much easier to read.

    There have to be some errors in the logs. You might want to post them here so someone is able to help you.
     
  3. Redwarp

    Redwarp Member

    Hi there
    I hunted around for anything that looked like the correct forum and was unsuccessful, hence my new thread.
    Can you point me at where I should be asking?
    As described in my first post, the DNSSEC was all set up/controlled via ISPConfig3. I never got involved with any direct config on this subject (until the failure occurred); it was all put in place by the ISPConfig3 UI.
    Cheers
     
