-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Martin, Glad to hear your stub-zone problem is solved. martin f krafft wrote: > Is it possible to serve stub-zones authoritatively? It makes sense > for unbound not to clear the authoritative flag for queries it > proxied to stub-zones, doesn't it? No, it does not look like solid theory. I understand it could be useful in practice. You see, the stub may have returned CNAMEs or delegations to other servers. Unbound would do the additional lookups. Results stored in the cache with a TTL. Setting AA flag for that is not correct. Unbound does set AA flag for local-data. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkjjjrYACgkQkDLqNwOhpPjOuwCggiuwYsh9+785Lv0nNCrXjtrF HT0An38orIg2a309iBjTMsaVikn7Mt/2 =FTNc -----END PGP SIGNATURE-----