Fix Bind error (broken trust chain) resolving
August 22, 2012 at 08:21 PM | categories: Tips, RHEL, Centos, DNS, Linux | View CommentsThis Bind named issue results in queries failing and log messages such as the following being logged
error (no valid KEY) resolving 'dlv.isc.org/DNSKEY/IN': 156.154.101.23#53
error (broken trust chain) resolving './NS/IN': 193.0.14.129#53
The issue is caused by the date on the system falling out of sync, which causes DLV validation to fail.
This issue can be fixed by doing the following on Centos / RHEL.
ntpdate ntp.pool.org
hwclock --systohc
rm /var/named/dynamic/managed-keys.bind*
service named restart
Name resolution so now work without any issues.
blog comments powered by Disqus