[Unbound-users] Cascading Unbound and automatic key update

lst_hoe02 at kwsoft.de lst_hoe02 at kwsoft.de
Tue Jan 10 16:01:41 UTC 2012

Zitat von "W.C.A. Wijngaards" <wouter at nlnetlabs.nl>:

> Hash: SHA1
> Hi Andreas,
> Now I see this is a forward zone, so +norec no answer, because the
> x.x.x.x is a recursive cache.  Somehow this cache has trouble
> returning dnssec enabled data (once in a while?  Load balancer?)


no, it is a simple two stage unbound cascade. The forwarder does also  
act as resolver cache for the DMZ mailserver and had as said no  
problem resolving names during the whole outage of the internal  
unbound cache. During the outage i was also able to query the  
forwarder from the machine running the internal cache without  
problems, but i only tested simple A/MX queries. I guess it will be  
best to dumb-down the internal as cache only and let the firewall do  
the work, no?

Many Thanks


More information about the Unbound-users mailing list