[Unbound-users] DNS64 patch for Unbound
ondrej at caletka.cz
Wed Jul 2 08:34:10 UTC 2014
Dne 1.7.2014 12:26, Bjoern A. Zeeb napsal(a):
> OK, just replying to the last email; I’ll cleanup the patch (without the regenerated files, etc.) and post it here the next hours or if that fails days, so people can review, test, integrate it.
I'm not sure if it's valid in current version of patches, but I would
like to point out that the DNS64-patched Unbound operated on public
NAT64 test  (apparently offline ATM) fails to conform with RFC 6147
in the way it handles queries with DO and CD flags set. For these
queries, the synthesis MUST NOT be performed in order to preserve valid
DNSSEC data for further validation at endpoint . I think this should
be fixed before the patch reaches the upstream.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4287 bytes
Desc: Elektronicky podpis S/MIME
More information about the Unbound-users