val-permissive-mode not working via unbound-control ?
wouter at nlnetlabs.nl
Wed Jun 7 07:01:51 UTC 2017
This was caused by copy of the setting at initialisation, but now I've
fixed it so that it uses the config structure, and unbound-control
should be able to control val-permissive-mode (combine with flush_bogus
to remove the cached validation failures), and val-clean-additional.
Best regards, Wouter
On 06/06/17 22:48, Paul Wouters via Unbound-users wrote:
> I tried the following:
> service unbound restart
> sudo unbound-control set_option val-permissive-mode: yes
> dig www.dnssec-failed.org
> But that still gives a servfail.
> Sprinking various flush_* options also did not seem to help.
> Is this a bug or a feature? :)
> Setting val-permissive-mode: yes in unbound.conf and restarting
> does work as expected.
> ps. don't test this using dnssec-tools.org as test.dnssec-tools.org
> seems to have lost its DS record so all test domains are insecure
> and no longer bogus :P
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the Unbound-users