IN TXT & NULL trash records

Maciej Gawron gaweron at gmail.com
Thu Nov 22 23:03:06 UTC 2018


Well... I am not necessarily concerned by the fact of DNS tunnel usage.
Users without permission for network traffic are successfully blocked.
The examples that I observe are rather experiments, not attempts at
stealing transfer (since they are allowed to make regular transfer).
What makes me worried: the transfer made through the tunnels is in
fact fully saved in the cache... That's risky in terms of resources
(mainly memory). That's why forwarding TXT & NULL without saving
initially sounded like an elegant solution to me.

> Thanks for the elaboration. It would be cool indeed if the resolver would be able to detect anomalies in DNS traffic (and deploy countermeasures).

I like its simplicity, and intelligence around:)


