-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Andreas,
On 10/25/2010 04:37 PM, [email protected] wrote: > Zitat von [email protected]: >> Sorry, forgot the first question. The "private-address:" is not set at >> all, so Unbound should not stripe anything i guess? > > May it be related to the fact that the .cz TLD is DNSSEC signed and the > .de not? Both subdomains don't use DNSSEC until now and have no trust > chain but that's the only difference i came up with... Yes if your own domain is not signed, then you must give: domain-insecure: "domain2.cz" So that unbound understands that there is no DS record published in .cz for domain2.cz. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkzFm7YACgkQkDLqNwOhpPhWVwCgroNO3VLii53LyoA9qKovoGnr uIIAnifRUX2228xbx2b3WyUszCp1yeyj =IPaq -----END PGP SIGNATURE----- _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
