[Unbound-users] Reverse DNS Caching Proxy (was: Unbound as an "authoritative" cache?)
Ville Mattila
vmattila at csc.fi
Wed Nov 13 08:40:59 UTC 2013
Hi,
On 2013-11-13 10:14, Oliver Peter wrote:
> Jan-Piet brought up the discussion a couple of years ago:
> http://unbound.net/pipermail/unbound-users/2008-February/000021.html
>
> Background: We have indeed a slow master nameserver and we were
> thinking about taking advantage of unbounds fast cache.
>
> -- [ Unbound ] --> [ forward-addr: ] --> [ Master ]
>
> The problem here is that unbound is doing it's job right:
> - mark the reply as RA instead of AA
> - countdown the cached TTL
>
> Furthermore the master also allows AXFR and notifies - stuff that's
> obviously not supported by a resolver.
>
> Does anyone have an idea how to use unbound in front of an
> authoritative nameserver?
Use NSD instead. It's fast _authoritative_ name server, can provide
AXFR and send/receive NOTIFYs. Does not support dynamic updates, though.
https://www.nlnetlabs.nl/projects/nsd/
Thanks,
--
Ville Mattila, CSC
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xF55B661A.asc
Type: application/pgp-keys
Size: 6992 bytes
Desc: not available
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20131113/886f860a/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20131113/886f860a/attachment-0001.bin>
More information about the Unbound-users
mailing list