On Wed, Aug 26, 2009 at 2:47 PM, Stephane Bortzmeyer <bortzmeyer at nic.fr>wrote: > On Mon, Aug 17, 2009 at 02:43:46PM +0000, > Florian Weimer <fweimer at bfk.de> wrote > a message of 18 lines which said: > > > Please post full trace output, e.g. the result of "dig www.atac.fr > > +trace +all +norecurse" if you still can reproduce the issue. > > Interesting, this set of options do not work with an Unbound resolver: > > % dig www.atac.fr +trace +all +norecurse > > ; <<>> DiG 9.5.1-P3 <<>> www.atac.fr +trace +all +norecurse > ;; global options: printcmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 1483 > ;; flags: qr; QUERY: 0, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 > > ;; Query time: 0 msec > ;; SERVER: ::1#53(::1) > ;; WHEN: Wed Aug 26 14:45:27 2009 > ;; MSG SIZE rcvd: 12 Hi Stephane, You need to add 'allow_snoop' to your access-control statement in unbound.conf Example access-control: 0.0.0.0/0 allow_snoop Cheers, Gareth -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20090826/75d19005/attachment.htm>