[Unbound-users] bug ? atleast a difference in behaviour

Jaap Akkerhuis jaap at NLnetLabs.nl
Sun Sep 6 17:31:08 UTC 2009

    So powerdns-recursor uses the glue and treats it as authoritative
    data.  Perhaps it has an option to change that and allow
    "hardening" of the data too (kind of as per
    Unbound seems to want to verify the glue at the authoritative
    server. That' s why I thought of unbound's harden-referral-path:
    setting. It's ony of the anti-kaminsky measures of not just
    blindly trusting any using glue you got. Since there is no
    working authoritative source for titan.net, unbound with
    harden-referral-path: yes fails to resolve titan.net and therefor
Note that zonecheck.fr and similar sites apparently don't believe
the glue either.


More information about the Unbound-users mailing list