[Unbound-users] Cascading Unbound and automatic key update
lst_hoe02 at kwsoft.de
lst_hoe02 at kwsoft.de
Tue Jan 10 16:01:41 UTC 2012
Zitat von "W.C.A. Wijngaards" <wouter at nlnetlabs.nl>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Andreas,
>
> Now I see this is a forward zone, so +norec no answer, because the
> x.x.x.x is a recursive cache. Somehow this cache has trouble
> returning dnssec enabled data (once in a while? Load balancer?)
Hello
no, it is a simple two stage unbound cascade. The forwarder does also
act as resolver cache for the DMZ mailserver and had as said no
problem resolving names during the whole outage of the internal
unbound cache. During the outage i was also able to query the
forwarder from the machine running the internal cache without
problems, but i only tested simple A/MX queries. I guess it will be
best to dumb-down the internal as cache only and let the firewall do
the work, no?
Many Thanks
Andreas
More information about the Unbound-users
mailing list