[Unbound-users] Validation failure of DNSSEC signed domain names
Zbynek Michl
zbynek.michl at nic.cz
Thu Apr 29 17:21:23 UTC 2010
On 29.4.2010 17:56, Zbynek Michl wrote:
>> I have just made fixes to svn trunk that may help in this case. But
>> they may not be sufficient to help you here (its about looking in the
>> key cache to see if nic.cz needs DNSSEC).
>
> Ok, thanks, I will try the latest trunk version.
Hmm, r2106 experiences the same issue :(
It seems that there is no exact change between correct/incorrect validation in
the one time point. On the start there are all answers correct, and when I am
trying more and more (different in a few cycles) requests, then there are more
and more incorrect answers. And in some time point all answers are incorrect
from the resolver until cache is flushed (probably).
Regards,
Zbynek
More information about the Unbound-users
mailing list