2.2.4 with unbound fails to start with DNSSEC enabled
-
im getting these issues with unbound on 2.2.4 on a full install and noticed no DNS resolution happens when in forwarding mode and DNSSEC support enabled, unticked that and saved and it starts to work fine again
Jul 28 18:08:55 unbound: [60120:0] notice: init module 0: validator Jul 28 18:08:55 unbound: [60120:0] error: ldns error while converting string to RR at8: Syntax error, could not parse the RR's TTL: -19.199 Jul 28 18:08:55 unbound: [60120:0] error: failed to load trust anchor from /root.key at line 1, skipping Jul 28 18:08:55 unbound: [60120:0] error: failed to read /root.key Jul 28 18:08:55 unbound: [60120:0] error: error reading auto-trust-anchor-file: /var/unbound/root.key Jul 28 18:08:55 unbound: [60120:0] error: validator: error in trustanchors config Jul 28 18:08:55 unbound: [60120:0] error: validator: could not apply configuration settings. Jul 28 18:08:55 unbound: [60120:0] error: module init for module validator failed Jul 28 18:08:55 unbound: [60120:0] fatal error: failed to setup modules -
WFM. You have some corrupt crap there.
rm /var/unbound/root.key -
well its a fresh upgrade from 2.2.3 to 2.2.4 and btw on 2.2.3 never had the issue
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.