Luiz Fernando Softov fernando at softov.com.br
Tue Jul 13 10:42:28 UTC 2021

I was trying to use auth-zone and I succeeded in getting it running.
Simple example.com and in-addr.arpa zones.
Then I used ldns-keygen, ldns-signzone and created signed zones.

When I was trying to transfer the zone I figured out that unbound don't do

In the doc
If  you  point it at another Unbound instance, it would not work
because that does not support AXFR/IXFR for the zone, but if you
used  url:  to  download the zonefile as a text file from a web-
server that would work.

Is there any reason for this working that way?
Unbound was written for the same people* that write NSD, correct?

Even the same lib LDNS is present in the code.

ps. a long time since 1.7.1 was released, I needed to compile the develop
branch (1.7.2), since there are a lot of corrections, leak stuff, ...)

Unbound already has auth-zone, update using http :O, why don't AXFR and
XFR also provides security, best I know.

Is this related with no time to code? A software design?
Are There plans support XFR?

I can try to code and make a Pull Request?
Or is there some other reason, and this can't be done?

I want to just use unbound, don't want to use nsd or bind with stub.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20210713/27e9a0ad/attachment.htm>

More information about the Unbound-users mailing list