[Unbound-users] Odd failures in 1.3.4
Paul Wouters
paul at xelerance.com
Tue Jan 12 22:33:18 UTC 2010
Hi,
I'm getting random failures or various domains with unbound 1.3.4. (I know
about 1.4.1)
Just now, reviews.ebay.ca failed to resolve. A dig without +dnssec gave me
ServFail. A dig with +cd gave me a response:
[paul at bofh ~]$ dig +dnssec +cd reviews.ebay.ca @193.110.157.136
; <<>> DiG 9.6.1-P2-RedHat-9.6.1-13.P2.fc12 <<>> +dnssec +cd reviews.ebay.ca @193.110.157.136
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25715
;; flags: qr rd ra cd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;reviews.ebay.ca. IN A
;; ANSWER SECTION:
reviews.ebay.ca. 248 IN CNAME reviews.intl.ebay.com.
reviews.intl.ebay.com. 3548 IN CNAME search-desc.intl.ebay.com.
search-desc.intl.ebay.com. 248 IN A 66.211.160.141
search-desc.intl.ebay.com. 248 IN A 66.135.202.75
;; Query time: 104 msec
;; SERVER: 193.110.157.136#53(193.110.157.136)
;; WHEN: Tue Jan 12 17:26:16 2010
;; MSG SIZE rcvd: 137
My first question is, does unbound disable more then just dnssec when
using the CD flag? (and if so, is that expected? I always assumed CD
was only for DNSSEC validation bypassing)
My second question is if this is one of the bugs fixed in 1.4.1 + r1953.
Paul
More information about the Unbound-users
mailing list