Maintained by: NLnet Labs

[Unbound-users] small bug ?

Paul Wouters
Thu Feb 4 15:35:16 CET 2010


On Thu, 4 Feb 2010, Leen Besselink wrote:

> And I found out unbound was sending queries with the D0-bit set, but it isn't 
> configured to actually validate anything.

unbound does validation per default. You can disable this using

val-permissive-mode:yes

however, it will still perform queries with the DO bit, and validation.
It will just pass the data along anyway (as if the client send the CD bit)

> Is their a way to turn this off when needed (for example if I'm running 
> unbound on a laptop and am somewhere with a bad firewall) ?

unbound should recover from those failures (eg TCP 53 firewalled, or
UDP >512bytes failing) by itself.

Paul