[Unbound-users] unbound returning unvalidated responses briefly on startup?

Paul Wouters paul at nohats.ca
Mon Feb 3 01:33:24 UTC 2014


Without any kind of python module, we are seeing unbound returning
unvalidated answers on startup briefly.

We can reproduce this using:

service unbound stop
service unbound start
dig +dnssec nohats.ca
dig +dnssec nohats.ca


The first dig will not have the AD bit set, but does return the answer.

Why does this happen? How can we prevent this from happening?

Paul



More information about the Unbound-users mailing list