diff --git a/roles/bind-role/tasks/master.yml b/roles/bind-role/tasks/master.yml
index cfe8eed..48f1d89 100644
--- a/roles/bind-role/tasks/master.yml
+++ b/roles/bind-role/tasks/master.yml
@@ -1,6 +1,8 @@
 # roles/bind/tasks/master.yml
 # Set up a BIND master server
 ---
+- name: Master | Generate rndc.key
+  shell: rndc-confgen -a -b 128 -c /etc/rndc.key -k rndc-key
 
 - name: Master | Main BIND config file (master)
   template:
diff --git a/roles/bind-role/templates/master_etc_named.conf.j2 b/roles/bind-role/templates/master_etc_named.conf.j2
index cc1e348..bc3f474 100644
--- a/roles/bind-role/templates/master_etc_named.conf.j2
+++ b/roles/bind-role/templates/master_etc_named.conf.j2
@@ -47,7 +47,7 @@ options {
 
   dnssec-enable {{ bind_dnssec_enable }};
   dnssec-validation {{ bind_dnssec_validation }};
-  dnssec-lookaside auto;
+  //dnssec-lookaside auto;
 
   /* Path to ISC DLV key */
 //  bindkeys-file "/etc/named.iscdlv.key";
diff --git a/roles/bind-role/templates/slave_etc_named.conf.j2 b/roles/bind-role/templates/slave_etc_named.conf.j2
index 927278a..a4695e8 100644
--- a/roles/bind-role/templates/slave_etc_named.conf.j2
+++ b/roles/bind-role/templates/slave_etc_named.conf.j2
@@ -48,7 +48,7 @@ options {
 
   dnssec-enable {{ bind_dnssec_enable }};
   dnssec-validation {{ bind_dnssec_validation }};
-  dnssec-lookaside auto;
+  //dnssec-lookaside auto;
 
   /* Path to ISC DLV key */
 //  bindkeys-file "/etc/named.iscdlv.key";