Maintained by: NLnet Labs

[Unbound-users] Validation failure !?

Augie Schwer
Sun Mar 18 04:52:04 CET 2012

We started seeing these today from 1425 PST to 1532 PST :

Mar 17 14:45:27 a unbound: [7326:0] info: validation failure
< A IN>: no DNSSEC records from for DS while building chain of trust

We removed the box from the cluster, even though it seemed to still be
serving DNS requests just fine.

Anyone know why this happened? Some mis-configuration on my end?

Unbound 1.4.16

Relevant configuration entries:

# grep -v "#" /etc/unbound.conf | perl -pe 's/^\s$//'
	verbosity: 1
	interface: ::0
	interface-automatic: yes
	port: 53
	access-control: allow

	hide-identity: yes
	hide-version: no
	version: "Served by Unbound -"
	auto-trust-anchor-file: "/var/unbound/root.key"

	val-log-level: 2

	local-zone: "" transparent
	local-data: " A"
	control-enable: yes
	control-interface: ::0

Augie Schwer    -    Augie at    -