# Try to install dns/bind913 properly



## YuryG (Feb 22, 2019)

I am trying to use BIND and to configure it using DNSSEC. The drill command gives me this:

```
drill -S www.FreeBSD.org
;; Number of trusted keys: 1
;; Chasing: www.freebsd.org. A


DNSSEC Trust tree:
www.freebsd.org. (CNAME)
|---freebsd.org. (DNSKEY keytag: 6441 alg: 8 flags: 256)
    |---freebsd.org. (DNSKEY keytag: 60160 alg: 8 flags: 257)
    |---freebsd.org. (DS keytag: 60160 digest type: 2)
        |---org. (DNSKEY keytag: 44603 alg: 7 flags: 256)
            |---org. (DNSKEY keytag: 9795 alg: 7 flags: 257)
            |---org. (DNSKEY keytag: 17883 alg: 7 flags: 257)
            |---org. (DS keytag: 9795 digest type: 2)
            |   |---. (DNSKEY keytag: 16749 alg: 8 flags: 256)
            |       |---. (DNSKEY keytag: 19164 alg: 8 flags: 385)
            |       |---. (DNSKEY keytag: 20326 alg: 8 flags: 257)
            |---org. (DS keytag: 9795 digest type: 1)
                |---. (DNSKEY keytag: 16749 alg: 8 flags: 256)
                    |---. (DNSKEY keytag: 19164 alg: 8 flags: 385)
                    |---. (DNSKEY keytag: 20326 alg: 8 flags: 257)
No trusted keys found in tree: first error was: No DNSSEC public key(s)
;; Chase failed.
```
So, I suppose, the thing does not work as I wanted. Could it be seen what is wrong?
/etc/resolv.conf

```
nameserver 127.0.0.1
options edns0
```
I have these lines in /usr/local/etc/namedb/named.conf

```
dnssec-validation       auto;
        dnssec-enable           yes;
```
May be something with "forwarders" option (that is commented in my config)?


----------

