2.2.4 with unbound fails to start with DNSSEC enabled



  • im getting these issues with unbound on 2.2.4 on a full install and noticed no DNS resolution happens when in forwarding mode and DNSSEC support enabled, unticked that and saved and it starts to work fine again

    Jul 28 18:08:55 	unbound: [60120:0] notice: init module 0: validator
    Jul 28 18:08:55 	unbound: [60120:0] error: ldns error while converting string to RR at8: Syntax error, could not parse the RR's TTL: -19.199
    Jul 28 18:08:55 	unbound: [60120:0] error: failed to load trust anchor from /root.key at line 1, skipping
    Jul 28 18:08:55 	unbound: [60120:0] error: failed to read /root.key
    Jul 28 18:08:55 	unbound: [60120:0] error: error reading auto-trust-anchor-file: /var/unbound/root.key
    Jul 28 18:08:55 	unbound: [60120:0] error: validator: error in trustanchors config
    Jul 28 18:08:55 	unbound: [60120:0] error: validator: could not apply configuration settings.
    Jul 28 18:08:55 	unbound: [60120:0] error: module init for module validator failed
    Jul 28 18:08:55 	unbound: [60120:0] fatal error: failed to setup modules
    

  • Banned

    WFM. You have some corrupt crap there.

    
    rm /var/unbound/root.key
    
    


  • well its a fresh upgrade from 2.2.3 to 2.2.4 and btw on 2.2.3 never had the issue