In message <rt-4.4.1-82815-1509040718-1288.46410-3-0@isc.org>, "Evan Hunt via RT" writes:
> 
> I got an angry message from someone trying 9.12.0b1 who spent an hour trying
> to figure out why his server wouldn't start.  It turned out to be because
> configuring lookaside with dlv.isc.org is fatal now. There was some kind of
> syslog problem that prevented him from seeing the error message right away.
> 
> On the one hand, syslog problems aren't our responsibility, and he could have
> lost less time if he'd known to run "named -g".  Still, he's got a point:
> if you're experimenting with a new release, you're going to try it with your
> existing configuration, and it's unsettling if it fails, and makes you feel
> less inclined to upgrade.
>
> Do we *need* to break ISC DLV lookaside configurations?  If so, why?  If not,
> let's change it back to a warning.

9.12.0 is a .0 release.  This is the point where we break things if we
are going to break things.  9.{9,10,11}.x is (or should be) a warning.

They also didn't even run named-checkconf.

[rock:bin/tests/system] marka% named-checkconf /etc/named.cache.conf
/etc/named.cache.conf:56: dlv.isc.org has been shut down
[rock:bin/tests/system] marka% echo $?
1
[rock:bin/tests/system] marka% 

We provide the tools for people to test the configuration.

Or read the release notes that state it is a fatal configuration
error.

    <itemizedlist>
      <listitem>
        <para>
          The ISC DNSSEC Lookaside Validation (DLV) service has been shut
          down; all DLV records in the dlv.isc.org zone have been removed.
          References to the service have been removed from BIND documentation.
          Lookaside validation is no longer used by default by
          <command>delv</command>. The DLV key has been removed from
          <filename>bind.keys</filename>. Setting
          <command>dnssec-lookaside</command> to
          <command>auto</command> or to use dlv.isc.org as a trust
          anchor is now a fatal configuration error. [RT #46155]
        </para>
      </listitem>

Or CHANGES

4749.   [func]          The ISC DLV service has been shut down, and all
                        DLV records have been removed from dlv.isc.org.
                        - Removed references to ISC DLV in documentation
                        - Removed DLV key from bind.keys
                        - No longer use ISC DLV by default in delv
                        - "dnssec-lookaside auto" and configuration of
                          "dnssec-lookaide" with dlv.isc.org as trust
                          anchor are both now fatal errors.
                        [RT #46155]

This all said we could make it just a warning.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org