Here you go -
Feb 11 14:24:31 ns2 named[5927]: validating @0x7f1d48226850:
fhr.data.mozilla.com A: no valid signature found
Feb 11 14:24:31 ns2 named[5927]: validating @0x7f1d4a56b910:
gks3ve6q998vi7v3llirpk67eh1rpm81.mozilla.com NSEC3: no valid signature found
Feb 11 14:25:09 ns2 named[5927]: validating @0x7f1d481cbce0:
hollywoodreporter.myshopify.com A: no valid signature found
Feb 11 14:25:11 ns2 named[5927]: validating @0x7f1d507226f0:
valetmag.myshopify.com A: no valid signature found
Feb 11 14:25:16 ns2 named[5927]: validating @0x7f1d402b2c10:
furniture-zone.myshopify.com A: no valid signature found
Feb 11 14:25:27 ns2 named[5927]: validating @0x7f1d48226850:
preferences-mgr.truste.com A: no valid signature found
Feb 11 14:25:38 ns2 named[5927]: validating @0x7f1d48226850:
beastmodecoaching.myshopify.com A: no valid signature found
Feb 11 14:25:38 ns2 named[5927]: validating @0x7f1d429a96d0:
legendsofaesthetics.myshopify.com A: no valid signature found
-----Original Message-----
From: Nathan Ward
Sent: Tuesday, February 11, 2014 1:44 PM
To: Tony Wicks
Cc: NZNOG List
Subject: Re: [nznog] Validating resolvers for DNS and DNSSEC
On 11/02/2014, at 1:21 pm, Tony Wicks
10,000+ customers resolving with DNSSEC enabled caches and we have noticed no issues with it. The only thing we had to do is disable the DNS sec error logging as it was a lot of noise.
category dnssec { null; };
dnssec-enable yes; dnssec-validation auto; dnssec-lookaside auto;
Error logging isn’t something I’d want to ignore. What sort of errors were you seeing? — Nathan Ward