[Unbound-users] use-caps-for-id ignore list - feature request

A. Schulze sca at andreasschulze.de
Sun Sep 14 18:33:13 UTC 2014


Rygl Aleš:

> I have found out a temporary solution. I am forwarding troubled domains to a
> another resolver without 0x20 support using forward zone:
that sound very simple but _realy_ cool!

we do enable 0x20 capitalisation at our enterprise level resolvers.

Last week I had an issue with a domain I could analyse in detail.
The external customer run a Debian Squeeze + bind 9.7.3 for his domain  
and rDNS

The rDNS was broken because we sent queries for *.In.ADr.ArpA.

The Debian servers was "protected" by a Cisco firewall.
This device had a "content inspection" for DNS enabled which broke his  
bind9 answers.

Unfortunately the latest 0x20 patches for unbound-1.4.22 did not catch that.

@Wouter, if you'r interested I could setup a test environment...

Andreas




More information about the Unbound-users mailing list