Luiz Fernando Softov
fernando at softov.com.br
Tue Jul 13 10:42:28 UTC 2021
I was trying to use auth-zone and I succeeded in getting it running.
Simple example.com and in-addr.arpa zones.
Then I used ldns-keygen, ldns-signzone and created signed zones.
When I was trying to transfer the zone I figured out that unbound don't do
AXFR or IXFR.
In the doc
If you point it at another Unbound instance, it would not work
because that does not support AXFR/IXFR for the zone, but if you
used url: to download the zonefile as a text file from a web-
server that would work.
Is there any reason for this working that way?
Unbound was written for the same people* that write NSD, correct?
Even the same lib LDNS is present in the code.
ps. a long time since 1.7.1 was released, I needed to compile the develop
branch (1.7.2), since there are a lot of corrections, leak stuff, ...)
Unbound already has auth-zone, update using http :O, why don't AXFR and
XFR also provides security, best I know.
Is this related with no time to code? A software design?
Are There plans support XFR?
I can try to code and make a Pull Request?
Or is there some other reason, and this can't be done?
I want to just use unbound, don't want to use nsd or bind with stub.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Unbound-users