Maintained by: NLnet Labs

[Unbound-users] [wishlist] unbound vs djbdns

Jaap Akkerhuis
Tue Jun 14 20:51:00 CEST 2011


    >
    > For security reasons, you shouldn't really parse traffic on a production
    > system, though you could write the logfile and do so offline.
    
    ...which would be a good reason for unbound to do the logging itself. 
    Unbound has already parsed the DNS packet, by necessity.

I don't understand this logic. For "security reason" one should not parse
traffic on the production box, but it is OK that unbound
(that is in prduction on this box) does parse it?

Confused,

	jaap