Maintained by: NLnet Labs

[Unbound-users] How to config whitelist for EDNS client subnetin unbound

Larry Havemann
Thu Dec 18 19:03:01 CET 2014


Just a simple warning on using this branch, none of the issues detailed in
this mailing list thread have been addressed:
http://t28223.network-dns-unbound-user.dnstalk.us/edns-client-subnets-t28223.html

-Larry

-Larry

On Thu, Dec 18, 2014 at 2:13 AM, Yuri Schaeffer <yuri at nlnetlabs.nl> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> > very thanks. Do the unbound cache the result that contain
> > edns-client-subnet information?
>
> Yes!
> It has an additional cache for ECS responses. For performance reasons
> lookups in this cache are only done when there are reasons to believe
> it is necessary. I.e. 1) When an answer is not found in the regular
> cache and the authority server is whitelisted. or 2) The client
> includes ECS option.
>
> //Yuri
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iEYEARECAAYFAlSSqLoACgkQI3PTR4mhaviDBgCgzrnSOCX0wggIdjF2WkCtDbiR
> WcUAn3zQ0WDD9lsonKs3XdB8PKmEmXjM
> =3o06
> -----END PGP SIGNATURE-----
> _______________________________________________
> Unbound-users mailing list
> Unbound-users at unbound.net
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20141218/f642f66f/attachment.html>