Maintained by: NLnet Labs

[Unbound-users] Reverse DNS Caching Proxy (was: Unbound as an "authoritative" cache?)

Oliver Peter
Wed Nov 13 09:14:23 CET 2013


Jan-Piet brought up the discussion a couple of years ago:
  http://unbound.net/pipermail/unbound-users/2008-February/000021.html

Background:  We have indeed a slow master nameserver and we were
thinking about taking advantage of unbounds fast cache.

	-- [ Unbound ] --> [ forward-addr: ] --> [ Master ]

The problem here is that unbound is doing it's job right:
	- mark the reply as RA instead of AA
	- countdown the cached TTL

Furthermore the master also allows AXFR and notifies - stuff that's
obviously not supported by a resolver.

Does anyone have an idea how to use unbound in front of an
authoritative nameserver?


-- 
Oliver PETER		oliver at gfuzz.de		0x456D688F
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <https://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20131113/0393404b/attachment.sig>