Bind9 version 9.17.12 not starting without different DNS server
I tried version 9.17.12 because of the new TLS features. My resolv.conf only contains the local resolver 127.0.0.1 and ::1.
The problem is that the new Bind9 doesn't start without having an alternative resolver in resolv.conf. It looks like something in the Bind9 startup process relies on DNS before itself is serving queries.
The last message in the logfile is:
named: managed-keys-zone: Failed to create fetch for DNSKEY update
After that the Bind9 process is running but doesn't answer queries. Using the same build with the same config, but with an alternative resolver in resolv.conf starts fine and serves DNS afterwards.
Starting with disabled DNSSEC makes the error message go away, but still spawns an unresponsive DNS resolver.
Thanks for any help.