Hi,
On 04/03/16 11:39, Havard Eidnes wrote:
>>> Following the "not a bug" response from the BIND maintainers
>>> yesterday evening, can you please point to chapter and verse
>>> mandating this behaviour for non-authoritative recursive
>>> resolvers?
>>
>> RFC4035 3.2.3 for validators, all RRset
W.C.A. Wijngaards via Unbound-users wrote:
> The sysadmin edits the root.hints file? The unbound.conf file is just
> pointing to the root.hints file. I don't really see sysadmins editing
> the root.hints file. Only very sporadic, perhaps, updating it
> themselves. But then they have to keep doi
On 2016-03-16 10:46, Robert Edmonds via Unbound-users wrote:
Not quite, I want to avoid two things:
1) The sysadmin should never have to update the root hints by hand.
"apt update && apt upgrade" should upgrade any packages needed to bring
the root hints up to date.
2) The package maintainers s
Dave Warren via Unbound-users wrote:
> On 2016-03-16 10:46, Robert Edmonds via Unbound-users wrote:
> >Not quite, I want to avoid two things:
> >
> >1) The sysadmin should never have to update the root hints by hand.
> >"apt update && apt upgrade" should upgrade any packages needed to bring
> >the
On 2016-03-17 15:19, W.C.A. Wijngaards via Unbound-users wrote:
I fixed it so that Unbound uses CD=0 to send queries to a forwarder.
Unless a dnssec trust anchor exists above the qname, in which case CD=0
is only attempted on the first query.
Hi,
I did a quick test here, and can confirm that t
> But unbound is trying to set the AD flag in its reply. And thus it
> needs all the RRsets to be secure. Thus, the reply from the forwarder
> with CD flag becomes bogus.
Yes, I know unbound is trying to validate the answer. However,
insisting that a recursor return all pertinent data required
On 2016-03-16 14:06, Robert Edmonds via Unbound-users wrote:
Dave Warren via Unbound-users wrote:
On 2016-03-16 10:46, Robert Edmonds via Unbound-users wrote:
Not quite, I want to avoid two things:
1) The sysadmin should never have to update the root hints by hand.
"apt update && apt upgrade"
W.C.A. Wijngaards via Unbound-users wrote:
> But I think just setting the configuration option for root-hints in
> unbound.conf is probably just what you want? Do you still need to be
> able to set a default value for the root-hints file location, or is it
> just as good to set it in unbound.conf