Many repeated log messages about managed-keys-zone
Summary
Authoritative server excessively logs
managed-keys-zone: Unable to fetch DNSKEY set '.': failure
or
managed-keys-zone: Key 20326 for zone . is now trusted (acceptance timer complete)
BIND version used
- Affects v9.19: Intermittently reproducible, BIND 9.19.8-dev 1b2ee33d.
- Not sure about older versions.
Steps to reproduce
- Configure server with
options { recursion no; };
- Do bunch of restart or
rndc reconfig
s
What is the current bug behavior?
Message
managed-keys-zone: Unable to fetch DNSKEY set '.': failure
is repeated many times within the same millisecond.
Largest observed repetition is 114.
What is the expected correct behavior?
First, I dunno why the auth server should even bother fetching . DNSKEY
...
If it is legit I would not expect it going in circles.
Relevant configuration files
(abbreviated)
options {
recursion no;
listen-on {
};
listen-on-v6 {
2600::0;
};
allow-query {
"any";
};
notify no;
};
zone "net." {
type primary;
file "/usr/etc/smallnet.db";
masterfile-format text;
};
smallnet.db
is an empty zone.
If net.
zone is configured with an empty zone it complains about inability to fetch keys.
If net.
is not configured at all it repeats log line about key being trusted.