Date: Sat, 13 Oct 2018 18:50:25 +0700 From: Eugene Grosbein <eugen@grosbein.net> To: =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= <des@des.no> Cc: freebsd-net <freebsd-net@freebsd.org> Subject: Re: DNS KSK rollover, local_unbound and 11.2-STABLE Message-ID: <6af09cc1-47a4-fe64-7a11-5de26fe7f607@grosbein.net> In-Reply-To: <8636ta2i1k.fsf@next.des.no> References: <5BC046FB.9080906@grosbein.net> <861s8uaodn.fsf@next.des.no> <20be8009-5de8-61f0-dc67-a6b18af7bc37@grosbein.net> <86bm7y2lui.fsf@next.des.no> <44dd8f4d-1608-b38f-2f3e-90d234065038@grosbein.net> <8636ta2i1k.fsf@next.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
13.10.2018 18:38, Dag-Erling Smørgrav wrote: > Eugene Grosbein <eugen@grosbein.net> writes: >> This nanobsd does not have root.key in its persistent configuration >> and runs mpd5 from ports as PPPoE client for global connectivity. >> >> According to rcorder, /etc/rc.d/local_unbound runs BEFORE: NETWORKING >> and much earlier then /usr/local/etc/rc.d/mpd5 is started that REQUIRES: SERVERS >> >> So, local_unbound startup script has no chance to update root.key with unbound-anchor >> and the unbound daemon starts with no root.key at all. > > That's not a supported configuration. This is pretty normal for a system to start when no global connectivity exists, think of external network failures etc. Robust system should support this and automatically revive once connectivity is back. Why unbound daemon fails to update root.key after start?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6af09cc1-47a4-fe64-7a11-5de26fe7f607>