Allowed Characters in DNS names in unbound's local data: IDN

Ron Varburg ronvarburg at
Thu Nov 28 12:22:53 UTC 2019

 I think, though I haven't checked, that:
1. IDN is designed so that each byte, on 8 bit boundaries, would look like a printable ASCII character.
2. Therefore, any DNS software would support it out of the box, without being aware of it.

So just meet IDN restrictions in your plans to your org DNS Names/CNAME, unbound local data, whatever.     On Wednesday, November 27, 2019, 9:33:42 PM GMT, Patrik Fältström <paf at> wrote:  
 What is called "IDNA2008" is in use "all over the place" and is the way of encoding Unicode so that the encoded strings can be used as domain names.

  Patrik Fältström

On 27 Nov 2019, at 8:51, Ron Varburg via Unbound-users wrote:

>  Does related
> to your question? Even if it does, I wonder myself how much it is used.    On Tuesday, November 26, 2019, 3:04:31 PM GMT, Shanmuga Rao via Unbound-users <unbound-users at> wrote:
>  Hello, 
> We are planning to use unbound to perform DNS overrides for traffic  redirection in certain locations within our org.  I was wondering if there are any restrictions imposed on the DNS Names/CNAMEs we would add in the unbound.conf under local zone and data? 
> For example, AD DNS contains a list of characters that are not allowed, list of characters/digits a record should not start with etc. Do the same rule apply to unbound as well or can we go a bit crazy with our naming conventions ?
> I apologize in advance If there is already some documentation on this.  Please redirect me to them if available. 
> Thanks!!   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Unbound-users mailing list