Knowledge Base
AVM Content
Since updating FRITZ!OS, local DNSSEC cannot be used
Since updating FRITZ!OS, DNS requests are no longer resolved via the FRITZ!Box if the devices use a DNSSEC validation (i.e. an authenticity validation of DNS entries for a domain).
The problem affects both their own local DNS servers in the home network (for example Pi-hole, Bind9), which are announced via the FRITZ!Box DHCP server, and connector in doctors' offices and pharmacies (for example Gematik, secunet).
Local DNSSEC is not supported
Due to an error in FRITZ!OS 7.56/57, DNSSEC validation cannot be used for DNS requests via the FRITZ!Box. We will correct this error in a future FRITZ!OS update.
Note:You can have push service mails notify you when new updates are available. In addition, you can configure the FRITZ!Box so that new updates are installed automatically. You can enable these options under "System > Push Service" or "System > Update > Auto Update" in the user interface.
Workaround
- Enter the DNS server used by your internet service provider or a different public DNS server (for example from Cloudflare 1.1.1.1 und 1.0.0.1) in the local DNS server or the connector. If you are using a local DNS server, you can also deactivate the DNSSEC in the DNS server instead.
Important:Changes to connectors in doctors' offices or pharmacies should only be made after consulting the service provider on the premises.
Deutschland
International (English)
Österreich
Nederland
España
Italia
Polska
België (Nederlands)
Luxemburg (Deutsch)
Schweiz (Deutsch)