New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Heads Up: Disable dnssec-lookaside now
Just a little heads-up for those who are running BIND and might be recycling an old named.conf file…
ISC has deprecated dnssec-lookaside and, starting with BIND 12.0, named will refuse to start if dnssec-lookaside auto
is set or if it's set to yes with dlv.isc.org as the trust anchor (the default in old versions of CentOS and probably most others).
If you're running BIND 11 with dnssec-lookaside auto
, it's already being silently ignored, so removing it should have no impact now.