[Unbound-users] atac.fr DNS problem
Gareth Hopkins
gabbawp at gmail.com
Wed Aug 26 15:26:13 UTC 2009
On Wed, Aug 26, 2009 at 2:47 PM, Stephane Bortzmeyer <bortzmeyer at nic.fr>wrote:
> On Mon, Aug 17, 2009 at 02:43:46PM +0000,
> Florian Weimer <fweimer at bfk.de> wrote
> a message of 18 lines which said:
>
> > Please post full trace output, e.g. the result of "dig www.atac.fr
> > +trace +all +norecurse" if you still can reproduce the issue.
>
> Interesting, this set of options do not work with an Unbound resolver:
>
> % dig www.atac.fr +trace +all +norecurse
>
> ; <<>> DiG 9.5.1-P3 <<>> www.atac.fr +trace +all +norecurse
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 1483
> ;; flags: qr; QUERY: 0, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; Query time: 0 msec
> ;; SERVER: ::1#53(::1)
> ;; WHEN: Wed Aug 26 14:45:27 2009
> ;; MSG SIZE rcvd: 12
Hi Stephane,
You need to add 'allow_snoop' to your access-control statement in
unbound.conf
Example
access-control: 0.0.0.0/0 allow_snoop
Cheers,
Gareth
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20090826/75d19005/attachment.htm>
More information about the Unbound-users
mailing list