[Unbound-users] DNSSEC mismatch between Bind 9.7 and Unbound
lst_hoe02 at kwsoft.de
lst_hoe02 at kwsoft.de
Fri Nov 5 15:53:35 UTC 2010
Zitat von "W.C.A. Wijngaards" <wouter at NLnetLabs.nl>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Andreas,
>
> The trouble is that bind does not respond with the correct response to
> the query for the DS. Unbound can do nothing but fail the query.
>
> (Thank you for the validation error line and those dig outputs, that
> really helps!).
Damn...
That would mean i can't savely operate unbound as downstream cache at
least with this version of Bind. If i disable DNSSEC in unbound it
will set the cdflag for queries to the forwarder so no DNSSEC will be
done at all, no?
Regards
Andreas
More information about the Unbound-users
mailing list