Maintained by: NLnet Labs

[Unbound-users] Unbound stops answering after ADSL-line bounce

lst_hoe02 at kwsoft.de
Fri Jan 27 13:57:37 CET 2012


Zitat von Jan-Piet Mens <jpmens.dns at gmail.com>:

>>                                  We have "solved" the problem by
>> setting the internal Unbound to not validate and let the forwarder
>> do the DNSSEC work.
>
> That would be a neat feature for DNSSEC-Trigger: detect that the
> upstream forwarder is Unbound (version.bind chaos txt) and disable the
> validator. Well, maybe not. :-)

In our case it doesn't matter because both resolvers are managed by  
us, but for sure this should not be done automatically. Basically it  
looks like there are "rough-edges" when cascaded resolvers all try to  
do DNSSEC validation.

Regards

Andreas