rfc6761 compliance
A. Schulze
sca at andreasschulze.de
Fri Sep 11 06:17:37 UTC 2015
Hello,
the RFC 6761 give some advise how caching DNS servers SHOULD
handle queries for reserved domains. Mostly it say
"do not send queries to the root name servers"
... point 4 in any case ...
http://tools.ietf.org/html/rfc6761#section-6.2 ( domain "test." )
http://tools.ietf.org/html/rfc6761#section-6.4 ( domain "invalid." )
looks like unbound don't follow that "SHOULD" recommendations.
it this a miss-configuration on my side ?
my unbound.conf:
server:
ip-address: ::1
chroot: /chroot/unbound
do-daemonize: no
val-log-level: 2
trust-anchor: ". DS 19036 8 2
49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5"
# other options
adding local-zone statements make unbound fixes the "un-conformance" here.
server:
local-zone: "test." static
local-zone: "invalid." static
Andreas
More information about the Unbound-users
mailing list