bind9 configure forward zone for local domain without DNSSEC for this zone only
Solution 1:
I found an answer. Following line in /etc/bind/named.conf.options
fixes it:
---> dnssec-must-be-secure mydomain.local no; <---
So, full text of /etc/bind/named.conf.options
will be (skipping comments):
options {
directory "/var/cache/bind";
forwarders {
192.168.1.1;
};
dnssec-enable yes;
dnssec-validation yes;
dnssec-must-be-secure mydomain.local no;
auth-nxdomain no;
listen-on-v6 { any; };
};
UPDATE: Actually, at this point I cannot tell if I indeed fixed bind with that line or didn't. Somehow all queries succeed now, with or without this line. If an expert is present here, please chip in