Maintained by: NLnet Labs

[Unbound-users] modifying cached results

W.C.A. Wijngaards
Mon Oct 5 09:13:11 CEST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Christof,

On 09/27/2009 11:25 PM, Christof Chen wrote:
> is it possible to modify responses from the unbound cache _just_before_
> they are sent out to the client?

No

(unless you edit the code, it is open source :-) )

> I want to replace NS records in a transparent zone - the NS records
> should be unmodified for all the internal cache fetching operations, but
> replaced for clients asking the cache.

This is not supported right now, the transparent zone determines
all of the answer depending on the query by the client.
Either it is all from static config, or all from the wire.

> Currently it looks as if the state machine does not call the operate()
> action within pythonmod when the entry is found in the cache.

Yes that is correct.  This keeps some semblance of performance
while using pythonmod :-)

On a more serious note, also the other modules are not activated,
again, for performance reasons.

I have seen one solution to this by someone, by setting the TTL to zero
from pythonmod, you basically force no-caching on the result, and you
can modify every result sent to the client. (other queries are still
cached).

If you only want to have some NS used for queries by unbound, and not
sent to the client, perhaps you want a stub-zone definition and not a
transparent local-zone?

Best regards,
   Wouter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkrJnIcACgkQkDLqNwOhpPjfyACgrzcMp0sndTeoVDoiIhjjobnI
oWAAoKFOue5AR0Y8IvgMI8itpKj1VOzZ
=Em8V
-----END PGP SIGNATURE-----