Description of problem: Named daemon generates >100,000 messages/week about "not insecure resolving ..." and "no valid RRSIG resloving ...", visibly slows down DNS operation, clogs up /var/log/messages and /var/named/data/named.run logs. Version-Release number of selected component (if applicable): bind-9.6.2-1.fc12.x86_64 How reproducible: Always Steps to Reproduce: 1. 2. 3. Actual results: DNS operation slow, logs full of spurious messages. Expected results: Normal DNS operation. Additional info: Apparently, failure to establish DNSSEC or DLV trust chain is at fault even though DLV trust anchor keys seem to be included properly. Dig shows RRSIGs but no "AD" flag. Disabling DNSSEC and DLV restores normal operation. BTW, is it reasonable to log multiple failures per lookup, one for each DNS forwarder -- i.e. how about logging just a single failure when no forwarder returned data that could be authenticated?
This issue is addressed in 9.6.2-P1 upstream release which is submitted to F12 updates-testing (https://admin.fedoraproject.org/updates/bind-9.6.2-2.P1.fc12). Would it be possible to test it, please?
*** This bug has been marked as a duplicate of bug 556366 ***