[ Quoting <yukun2...@gmail.com> in "Re: [Unbound-users] How to config w..." ]
This is effectively the text in the draft:
If the address of the client does not match any network in the cache,
then the Recursive Resolver MUST behave as if no match was found and
perform resolution as usual. This is necessary to avoid suboptimal
replies in the cache from being returned to the wrong clients, and to
avoid a single request coming from a client on a different network
from polluting the cache with a suboptimal reply for all the users of
that resolver.
This is why I believe compiling a list of DNS servers that support client
subnet is not enough. There should be another option to configure a list of
domains which support client subnet. Any records in these domains should
be cached in a secondary cache instead of the primary one.
While I can see where you are coming from, hardcoding this in a config
file is not an option.
/Miek
--
Miek Gieben
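
Added example, not part of the original message and not Unbound's code: a toy per-network cache that follows the draft text quoted above, where a client whose address matches no cached network gets a miss and triggers normal resolution. The class and function names, the `fake_upstream` stub and all addresses are constructed for illustration.

```python
import ipaddress


class SubnetCache:
    """Toy cache of answers keyed by query name and client network."""

    def __init__(self):
        self._entries = {}  # qname -> list of (network, answer)

    def store(self, qname, scope, answer):
        net = ipaddress.ip_network(scope, strict=False)
        self._entries.setdefault(qname.lower(), []).append((net, answer))

    def lookup(self, qname, client_ip):
        addr = ipaddress.ip_address(client_ip)
        matches = [
            (net, ans)
            for net, ans in self._entries.get(qname.lower(), [])
            if net.version == addr.version and addr in net
        ]
        if not matches:
            # Draft rule: no matching network means "no match was found",
            # never fall back to an answer cached for another network.
            return None
        # Prefer the most specific cached network covering the client.
        return max(matches, key=lambda m: m[0].prefixlen)[1]


def resolve(cache, qname, client_ip, upstream):
    """Return (answer, source); source is 'cache' or 'upstream'."""
    cached = cache.lookup(qname, client_ip)
    if cached is not None:
        return cached, "cache"
    answer, scope = upstream(qname, client_ip)
    # Store under the scope the answer is valid for, so it is only
    # ever returned to clients inside that network.
    cache.store(qname, scope, answer)
    return answer, "upstream"


def fake_upstream(qname, client_ip):
    """Constructed stand-in for an authoritative server that tailors
    its answer per client /24 and reports that /24 as the scope."""
    net = ipaddress.ip_network(client_ip + "/24", strict=False)
    near = ipaddress.ip_network("192.0.2.0/24")
    answer = "203.0.113.10" if net == near else "203.0.113.20"
    return answer, str(net)
```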