Maintained by: NLnet Labs

[Unbound-users] unbound refuses to respons non-recursive queries

Robert Edmonds
Sat May 21 18:54:43 CEST 2011


Peter Koch wrote:
> On Thu, May 19, 2011 at 01:15:36PM -0400, Robert Edmonds wrote:
> 
> > RD bit cleared towards a recursive server is a cache snooping attempt.
> 
> i do DNS debugging, i'm clearly a criminal:

i do DNS debugging too, but not with so crude a tool as cache snooping
;)

> >       give both recursive and non recursive access.  The name
> >       allow_snoop refers to cache snooping, a  technique  to  use
> >       nonrecursive  queries to examine the cache contents (for malicious
> 
> baby, bathwater.

well, the man page could be less judgmental but i see no reason for a
debugging feature like cache snooping to be enabled by default.

-- 
Robert Edmonds
edmonds at debian.org