[Unbound-users] Reverse DNS Caching Proxy (was: Unbound as an "authoritative" cache?)

Ville Mattila vmattila at csc.fi
Wed Nov 13 08:40:59 UTC 2013


On 2013-11-13 10:14, Oliver Peter wrote:
> Jan-Piet brought up the discussion a couple of years ago:
>   http://unbound.net/pipermail/unbound-users/2008-February/000021.html
> Background:  We have indeed a slow master nameserver and we were
> thinking about taking advantage of unbounds fast cache.
> 	-- [ Unbound ] --> [ forward-addr: ] --> [ Master ]
> The problem here is that unbound is doing it's job right:
> 	- mark the reply as RA instead of AA
> 	- countdown the cached TTL
> Furthermore the master also allows AXFR and notifies - stuff that's
> obviously not supported by a resolver.
> Does anyone have an idea how to use unbound in front of an
> authoritative nameserver?

Use NSD instead.  It's fast _authoritative_ name server, can provide
AXFR and send/receive NOTIFYs.  Does not support dynamic updates, though.


Ville Mattila, CSC
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xF55B661A.asc
Type: application/pgp-keys
Size: 6992 bytes
Desc: not available
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20131113/886f860a/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20131113/886f860a/attachment-0001.bin>

More information about the Unbound-users mailing list