diff --git a/roles/router/tasks/main.yaml b/roles/router/tasks/main.yaml
index 1ad5dfd37a9017730781f2c5580bd90fa92cc55a..f99602f39d095ca1286d122859f738a1be4a1190 100644
--- a/roles/router/tasks/main.yaml
+++ b/roles/router/tasks/main.yaml
@@ -41,6 +41,15 @@
     - network
     - pf
 
+- name: Generate the Unbound root anchor file
+  command:
+    cmd: /usr/sbin/unbound-anchor -a /var/unbound/db/root.key
+    creates: /var/unbound/db/root.key
+  tags:
+    - network
+    - dns
+    - unbound
+
 - name: Set DNS resolving
   copy:
     content: |-
@@ -58,19 +67,19 @@
 - name: Configure the network interfaces
   with_dict:
     em1: |
-      inet 192.168.3.1 255.255.255.0
       description "Connected to internal LAN."
+      inet 192.168.3.1 255.255.255.0
       group ingress
       up
     em5: |
       description "Connected to DSL modem for PPPoE connection to the ISP."
       up
     pppoe0: |
+      description "The connection to the internet."
       inet 62.219.131.121 255.255.255.255 NONE \
       pppoedev em5 authproto pap \
       authname 'ns_nimadar@014' authkey '{{ bezeqint_password }}' up
       dest 0.0.0.1
-      description "The connection to the internet."
       !/sbin/route add default -ifp pppoe0 62.219.131.121
   copy:
     content: '{{ item.value }}'
@@ -439,7 +448,7 @@
       special_time: daily
     - job: >-
         {
-        /usr/sbin/unbound-anchor -a /var/unbound/etc/root.key
+        /usr/sbin/unbound-anchor -a /var/unbound/db/root.key
         ||
         /etc/rc.d/unbound restart ;
         } | logger