[dns-operations] DNSSEC disabling on systemd/Ubuntu required?
Robert Edmonds
edmonds at mycre.ws
Fri Apr 21 15:45:00 UTC 2017
Stephane Bortzmeyer wrote:
> I have no information about this bug, and the suggested
> workaround. Anyone can share details?
>
> https://twitter.com/machms/status/855134897102622725
>
> Internet doesn't work anymore after upgrading #ubuntu to 17.04 #zesty version? Add
> 'DNSSEC=off' to /etc/systemd/resolved.conf and reboot.
It looks like the Debian/Ubuntu systemd package maintainers decided not
to risk enabling DNSSEC by default in the upcoming releases. (Note the
systemd version in Ubuntu "zesty" is currently 232-21ubuntu2 so this fix
hasn't propagated yet.)
systemd (232-22) unstable; urgency=medium
[ Martin Pitt ]
* resolved: Disable DNSSEC by default on stretch and zesty.
Both Debian stretch and Ubuntu zesty are close to releasing, switch to
DNSSEC=off by default for those. Users can still turn it back on with
DNSSEC=allow-downgrade (or even "yes").
[ … ]
-- Michael Biebl <biebl at debian.org> Tue, 28 Mar 2017 21:23:30 +0200
--
Robert Edmonds
More information about the dns-operations
mailing list