Maintained by: NLnet Labs

[Unbound-users] How to config whitelist for EDNS client subnetin unbound

Yuri Schaeffer
Thu Dec 18 11:13:14 CET 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> very thanks. Do the unbound cache the result that contain
> edns-client-subnet information?

Yes!
It has an additional cache for ECS responses. For performance reasons
lookups in this cache are only done when there are reasons to believe
it is necessary. I.e. 1) When an answer is not found in the regular
cache and the authority server is whitelisted. or 2) The client
includes ECS option.

//Yuri
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlSSqLoACgkQI3PTR4mhaviDBgCgzrnSOCX0wggIdjF2WkCtDbiR
WcUAn3zQ0WDD9lsonKs3XdB8PKmEmXjM
=3o06
-----END PGP SIGNATURE-----