Unbound 1.7.2rc1 pre-release
list.unbound at omnilan.de
Tue Jun 5 07:38:13 UTC 2018
Am 05.06.2018 um 09:29 schrieb W.C.A. Wijngaards:
> Hi Harry,
> On 05/06/18 09:23, Harry Schmalzbauer wrote:
>> Am 04.06.2018 um 14:07 schrieb W.C.A. Wijngaards via Unbound-users:
>>> Unbound 1.7.2rc1 pre-release is available:
>>> sha256 561c33f80b757820e3bd632cd339673da84a71dbb6328d124324db2c63a7f833
>> me again, again regarding auth-zones:
>> I'm running 1.7.2rc1 on FreeBSD11.2/adm64 and can confirm that the
>> NOTIFY-dedlock vanished.
>> But CNAME records aren't resolved as soon as the record comes from
>> Other problems keep me from thinking/researching, but as far as I know,
>> the authoritative server has to return the CANME results alsong with the
>> record, correct?
> Yes, but only if you set for-downstream: no and for-upstream: yes.
> With for-downstream, if that was enabled, then unbound responds with the
> authority response to the downstream client, and that response does not
> contain the CNAME result (in fact Unbound includes CNAME results, but
thanks a lot for your quick help.
Pilot error here: I had for-downstream: yes (and for-upstream: yes).
Sorry for the noise, will need some time to have a closer look at those
two options and their meaning.
Your hints are very helpful, but I'm unsure what I want right now ;-)
> only if it is from the same auth-zone). The for-upstream: yes makes
> unbound resolve CNAMEs, and pick information from the auth-zone where
> If the config that is used has these settings, then I would be
> interested in some more information. What CNAME and so? How to
> reproduce or perhaps a simple verbosity 4 log of what is happening.
Will drop a note as soon as I had time to play with that, but I guess
everything is working like designed, it's just a configuration error on
More information about the Unbound-users