On Wed, Nov 10, 2021 at 11:31:53PM +0100, Christoph via Pdns-users wrote: > > > > > msg="Unable to load zone into cache, will retry" subsystem="ztc" > > > > > level=0 > > > > > ts="1636499834.251" exception="url method configured but libcurl not > > > > > compiled in" refresh="60" zone="." > > > > > > > > > > installed from your debian repo, version: 4.6.0~beta1-1pdns.bullseye > > > > > > > > Thanks for the report, will fix soon. > > > > > > Can you try http instead of https? I think the libcurl used for the > > > build is libcurl-dev, while only libcurl4-openssl-dev has https support. > > > > Never mind, it was a configure thing. Next beta will have this fixed. > > I was thinking about creating a molecule scenario for it on your nice > recursor ansible repo so I don't have to use our environment for testing, > but you figured it already. > > two more questions about this new feature: > Does it validate zone content just as it would validate all > responses from a remote (root) server (without ztc)? (if validation is > enabled)
DNSSEC valiation will be done, but in a "lazy" way, i.e. only when needed by the dnssec setting or when client flags require it. So bulk validatiuon, but if and when a record is requested by the client. The validation status wil then be stord in the record cache. We plan to suppport ZONEMD as described in https://datatracker.ietf.org/doc/html/rfc8976 in the future. > > Since some tlds publicly document their axfr support > we would like to use it to feed our caches for performance and privacy > reasons. > Therefore it would be nice to be able to specify the server by name and not > by IP address. Is this also something you would consider? > (currently the documentation only mentions IP address as a possible source) I'm hesitant to allow names instead of IPs in the recursor config, as it can easily lead to bootstrapping issues. > thanks for your responsiveness! Thank *you* for testing the beta. It's much better to have these issues reported now than after final release :-) -Otto _______________________________________________ Pdns-users mailing list [email protected] https://mailman.powerdns.com/mailman/listinfo/pdns-users
