Update Am Freitag, 8. Januar 2021, 12:09:30 CET schrieb Ulf:
According "dnssec-keygen --help" , "rsasha512" is a valid algorithm. Anyway I change it to big letters (RSASHA512), still unchanged.
# systemctl status named.service ● named.service - Berkeley Internet Name Domain (DNS) Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Fri 2021-01-08 11:56:56 CET; 13s ago Process: 19544 ExecStart=/usr/sbin/named.init start (code=exited, status=6)
Jan 08 11:56:56 server systemd[1]: Starting Berkeley Internet Name Domain (DNS)... Jan 08 11:56:56 server named.init[19544]: Starting name server BIND Jan 08 11:56:56 server named.init[19597]: /etc/named.d/my.key:5: unknown algorithm 'RSASHA512' Jan 08 11:56:56 server systemd[1]: named.service: Control process exited, code=exited, status=6/NOTCONFIGURED Jan 08 11:56:56 server systemd[1]: named.service: Failed with result 'exit-code'. Jan 08 11:56:56 server systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
If I comment out in " /etc/named.conf.include" #include "/etc/named.d/my.key"; named.service start well # systemctl restart named.service # systemctl status named.service ● named.service - Berkeley Internet Name Domain (DNS) Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled) Active: active (running) since Sat 2021-01-09 20:52:03 CET; 6s ago Process: 4207 ExecStart=/usr/sbin/named.init start (code=exited, status=0/SUCCESS) Main PID: 4257 (named) Tasks: 14 (limit: 4915) CGroup: /system.slice/named.service └─4257 /usr/sbin/named -t /var/lib/named -u named Jan 09 20:52:03 maxi named[4257]: zone 2.168.192.in-addr.arpa/IN: NS 'maxi3.2.168.192.in-addr.arpa' has no address records (A or AAAA) Jan 09 20:52:03 maxi named[4257]: zone 2.168.192.in-addr.arpa/IN: NS 'maxi4.2.168.192.in-addr.arpa' has no address records (A or AAAA) Jan 09 20:52:03 maxi named[4257]: zone 2.168.192.in-addr.arpa/IN: NS 'fritzbox.2.168.192.in-addr.arpa' has no address records (A or AAAA) Jan 09 20:52:03 maxi named[4257]: zone 2.168.192.in-addr.arpa/IN: not loaded due to errors. Jan 09 20:52:03 maxi named[4257]: zone localhost/IN: loaded serial 42 Jan 09 20:52:03 maxi named[4257]: all zones loaded Jan 09 20:52:03 maxi named[4257]: running Jan 09 20:52:03 maxi systemd[1]: Started Berkeley Internet Name Domain (DNS). Jan 09 20:52:03 maxi named[4257]: managed-keys-zone: Key 20326 for zone . is now trusted (acceptance timer complete) Jan 09 20:52:03 maxi named[4257]: resolver priming query complete But for sure - the local IP's assigned via dhcpd.service will not be available :-( Regards Ulf