Closed mocollin closed 1 year ago
Thanks for the post. It seems to be an issue with NextDNS where its failing to return DS records. However, it works well for other signed domain names. It could be that they are blocking that specific domain name and thus blocking its DS record too thus causing the DNSSEC validation error being logged.
In this case, you can just ignore the error since the domain could be blocked anyways and thus fail to resolve. The other option that is not recommended is to disable DNSSEC validation and fully trust the upstream DNS provider which will stop these errors from being logged.
Hello,
I'm running Dns Server 11.1.1 on Ubuntu Server 22.04.2 LTS in a VM on my Synology. Overall everything is working great and I really like the software.
I'm having an issue with the following errors coming up simi-regularly in my DNS logs. I'm using NextDNS as my forwared resolver. It seems related to DNSSEC not completing because a domain isn't resolved by NextDNS enforcing its own block lists. Which probably occurs regularly. But perhaps should be handled more gracefully in the logs?
Error 1:
And Error 2: