Hi Yorgos,
actually I observe the error mainly with various .cdn.cloudflare.net
domains. It seems that the behavior is specific to
the cachedb module and only occurs when the cached answer's TTL has expired
while the NSEC records remain cached. The synthesized NODATA/NXDOMAIN response
is issued directly from the cachedb module, without the iterator-module and no
RA flag is added to the response.
Manually I have trouble reproducing the issue with dig, but it is observed
continuously with my dnsmasq instance.
Unbound version: 1.24.2
My module-config: validator cachedb iterator
In the logs below, you can observe two distinct unbound instances (127.0.0.1
and 192.168.1.160). One instance was patched (127.0.0.1) and the dnsmasq
warning no longer pops up:
--- a/cachedb/cachedb.c
+++ b/cachedb/cachedb.c
@@ -724,6 +724,13 @@
}
if(!msg)
return 0;
+ /* fixup flags to be sensible for a reply based on the cache.
+ * This module means that RA is available. It is an answer QR.
+ * Not AA from cache. Not CD in cache (depends on client bit).
+ * This is needed because val_neg_getmsg() synthesizes messages
+ * with dns_msg_create() which only sets BIT_QR, missing BIT_RA. */
+ msg->rep->flags |= (BIT_RA | BIT_QR);
+ msg->rep->flags &= ~(BIT_AA | BIT_CD);
/* this is the returned msg */
qstate->return_rcode = LDNS_RCODE_NOERROR;
qstate->return_msg = msg;
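Review bot: the two added `msg->rep->flags` lines run for every non-NULL msg that reaches this point, while the comment justifies the fixup only for messages synthesized by val_neg_getmsg(). If other lookups return through the same path, their AA and CD bits are rewritten as well; either state in the comment that this is intended for all replies returned here, or apply the fixup only where the negative-cache message is created. The comment also says CD "depends on client bit", but the visible lines only clear it, so it would help to note where the client's CD bit is reapplied.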
'rpz-signal-nxdomain-ra: yes' is not set on my end - afaik it defaults to no.
Here are some dnsmasq logs that show the “issue” from dnsmasq’s perspective:
Feb 15 00:29:21 dnsmasq[1084]: query[A] connect.garmin.com from 192.168.1.188
Feb 15 00:29:21 dnsmasq[1084]: forwarded connect.garmin.com to 127.0.0.1#2053
Feb 15 00:29:21 dnsmasq[1084]: reply connect.garmin.com is <CNAME>
Feb 15 00:29:21 dnsmasq[1084]: reply connect.garmin.com.cdn.cloudflare.net is
NODATA
Feb 15 00:29:21 dnsmasq[1084]: reply connect.garmin.com is <CNAME>
Feb 15 00:29:21 dnsmasq[1084]: reply connect.garmin.com.cdn.cloudflare.net is
104.17.167.14
Feb 15 00:29:21 dnsmasq[1084]: reply connect.garmin.com.cdn.cloudflare.net is
104.17.168.14
Feb 15 00:29:22 dnsmasq[1084]: query[HTTPS]
connect.garmin.com.cdn.cloudflare.net from 192.168.1.188
Feb 15 00:29:22 dnsmasq[1084]: forwarded connect.garmin.com.cdn.cloudflare.net
to 127.0.0.1#2053
Feb 15 00:29:22 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 02:39:32 dnsmasq[1084]: query[A] api.gcs.garmin.com from 192.168.1.188
Feb 15 02:39:32 dnsmasq[1084]: forwarded api.gcs.garmin.com to 127.0.0.1#2053
Feb 15 02:39:33 dnsmasq[1084]: reply api.gcs.garmin.com is <CNAME>
Feb 15 02:39:33 dnsmasq[1084]: reply api.gcs.garmin.com.cdn.cloudflare.net is
104.16.9.45
Feb 15 02:39:33 dnsmasq[1084]: reply api.gcs.garmin.com.cdn.cloudflare.net is
104.16.8.45
Feb 15 02:39:33 dnsmasq[1084]: reply api.gcs.garmin.com is <CNAME>
Feb 15 02:39:33 dnsmasq[1084]: reply api.gcs.garmin.com.cdn.cloudflare.net is
NODATA
Feb 15 02:39:33 dnsmasq[1084]: query[HTTPS]
api.gcs.garmin.com.cdn.cloudflare.net from 192.168.1.188
Feb 15 02:39:33 dnsmasq[1084]: forwarded api.gcs.garmin.com.cdn.cloudflare.net
to 127.0.0.1#2053
Feb 15 02:39:33 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 05:50:39 dnsmasq[1084]: reply connectapi.garmin.com.cdn.cloudflare.net
is 104.17.150.222
Feb 15 05:50:39 dnsmasq[1084]: reply connectapi.garmin.com.cdn.cloudflare.net
is 104.17.151.222
Feb 15 05:50:39 dnsmasq[1084]: reply connectapi.garmin.com.cdn.cloudflare.net
is 104.17.152.222
Feb 15 05:50:39 dnsmasq[1084]: reply connectapi.garmin.com.cdn.cloudflare.net
is 104.17.154.222
Feb 15 05:50:39 dnsmasq[1084]: reply connectapi.garmin.com.cdn.cloudflare.net
is 104.17.153.222
Feb 15 05:50:39 dnsmasq[1084]: reply connectapi.garmin.com is <CNAME>
Feb 15 05:50:39 dnsmasq[1084]: reply connectapi.garmin.com.cdn.cloudflare.net
is NODATA
Feb 15 05:50:39 dnsmasq[1084]: query[HTTPS]
connectapi.garmin.com.cdn.cloudflare.net from 192.168.1.188
Feb 15 05:50:39 dnsmasq[1084]: forwarded
connectapi.garmin.com.cdn.cloudflare.net to 127.0.0.1#2053
Feb 15 05:50:39 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 05:58:39 dnsmasq[1084]: query[A] api.gcs.garmin.com from 192.168.1.188
Feb 15 05:58:39 dnsmasq[1084]: forwarded api.gcs.garmin.com to 127.0.0.1#2053
Feb 15 05:58:39 dnsmasq[1084]: reply api.gcs.garmin.com is <CNAME>
Feb 15 05:58:39 dnsmasq[1084]: reply api.gcs.garmin.com.cdn.cloudflare.net is
NODATA
Feb 15 05:58:39 dnsmasq[1084]: reply api.gcs.garmin.com is <CNAME>
Feb 15 05:58:39 dnsmasq[1084]: reply api.gcs.garmin.com.cdn.cloudflare.net is
104.16.8.45
Feb 15 05:58:39 dnsmasq[1084]: reply api.gcs.garmin.com.cdn.cloudflare.net is
104.16.9.45
Feb 15 05:58:39 dnsmasq[1084]: query[HTTPS]
api.gcs.garmin.com.cdn.cloudflare.net from 192.168.1.188
Feb 15 05:58:39 dnsmasq[1084]: forwarded api.gcs.garmin.com.cdn.cloudflare.net
to 127.0.0.1#2053
Feb 15 05:58:39 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 06:06:52 dnsmasq[1084]: query[HTTPS] api.gcs.garmin.com from
192.168.1.188
Feb 15 06:06:52 dnsmasq[1084]: forwarded api.gcs.garmin.com to 127.0.0.1#2053
Feb 15 06:06:52 dnsmasq[1084]: query[A] api.gcs.garmin.com from 192.168.1.188
Feb 15 06:06:52 dnsmasq[1084]: forwarded api.gcs.garmin.com to 127.0.0.1#2053
Feb 15 06:06:52 dnsmasq[1084]: reply api.gcs.garmin.com is <CNAME>
Feb 15 06:06:52 dnsmasq[1084]: reply api.gcs.garmin.com.cdn.cloudflare.net is
NODATA
Feb 15 06:06:52 dnsmasq[1084]: query[HTTPS]
api.gcs.garmin.com.cdn.cloudflare.net from 192.168.1.188
Feb 15 06:06:52 dnsmasq[1084]: forwarded api.gcs.garmin.com.cdn.cloudflare.net
to 127.0.0.1#2053
Feb 15 06:06:52 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 06:14:24 dnsmasq[1084]: reply api.gcs.garmin.com is <CNAME>
Feb 15 06:14:24 dnsmasq[1084]: reply api.gcs.garmin.com.cdn.cloudflare.net is
104.16.8.45
Feb 15 06:14:24 dnsmasq[1084]: reply api.gcs.garmin.com.cdn.cloudflare.net is
104.16.9.45
Feb 15 06:14:24 dnsmasq[1084]: reply api.gcs.garmin.com is <CNAME>
Feb 15 06:14:24 dnsmasq[1084]: reply api.gcs.garmin.com.cdn.cloudflare.net is
NODATA
Feb 15 06:14:24 dnsmasq[1084]: query[HTTPS]
api.gcs.garmin.com.cdn.cloudflare.net from 192.168.1.188
Feb 15 06:14:24 dnsmasq[1084]: forwarded api.gcs.garmin.com.cdn.cloudflare.net
to 127.0.0.1#2053
Feb 15 06:14:24 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 07:15:01 dnsmasq[1084]: query[A] api.gcs.garmin.com from 192.168.1.188
Feb 15 07:15:01 dnsmasq[1084]: forwarded api.gcs.garmin.com to 127.0.0.1#2053
Feb 15 07:15:01 dnsmasq[1084]: reply omt.garmin.com is <CNAME>
Feb 15 07:15:01 dnsmasq[1084]: reply omt.garmin.com.cdn.cloudflare.net is NODATA
Feb 15 07:15:01 dnsmasq[1084]: reply omt.garmin.com is <CNAME>
Feb 15 07:15:01 dnsmasq[1084]: reply omt.garmin.com.cdn.cloudflare.net is
104.17.71.10
Feb 15 07:15:01 dnsmasq[1084]: reply omt.garmin.com.cdn.cloudflare.net is
104.17.70.10
Feb 15 07:15:01 dnsmasq[1084]: query[HTTPS] omt.garmin.com.cdn.cloudflare.net
from 192.168.1.188
Feb 15 07:15:01 dnsmasq[1084]: forwarded omt.garmin.com.cdn.cloudflare.net to
127.0.0.1#2053
Feb 15 07:15:01 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 07:15:05 dnsmasq[1084]: query[HTTPS]
connectapi.garmin.com.cdn.cloudflare.net from 192.168.1.188
Feb 15 07:15:05 dnsmasq[1084]: forwarded
connectapi.garmin.com.cdn.cloudflare.net to 127.0.0.1#2053
Feb 15 07:15:05 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 07:22:55 dnsmasq[1084]: reply connectapi.garmin.com is <CNAME>
Feb 15 07:22:55 dnsmasq[1084]: reply connectapi.garmin.com.cdn.cloudflare.net
is NODATA
Feb 15 07:22:55 dnsmasq[1084]: reply api.gcs.garmin.com is <CNAME>
Feb 15 07:22:55 dnsmasq[1084]: reply api.gcs.garmin.com.cdn.cloudflare.net is
104.16.9.45
Feb 15 07:22:55 dnsmasq[1084]: reply api.gcs.garmin.com.cdn.cloudflare.net is
104.16.8.45
Feb 15 07:22:55 dnsmasq[1084]: reply api.gcs.garmin.com is <CNAME>
Feb 15 07:22:55 dnsmasq[1084]: reply api.gcs.garmin.com.cdn.cloudflare.net is
NODATA
Feb 15 07:22:55 dnsmasq[1084]: query[HTTPS]
api.gcs.garmin.com.cdn.cloudflare.net from 192.168.1.188
Feb 15 07:22:55 dnsmasq[1084]: forwarded api.gcs.garmin.com.cdn.cloudflare.net
to 127.0.0.1#2053
Feb 15 07:22:55 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 08:24:45 dnsmasq[1084]: reply omt.garmin.com.cdn.cloudflare.net is
104.17.70.10
Feb 15 08:24:45 dnsmasq[1084]: query[HTTPS] connectapi.garmin.com from
192.168.1.188
Feb 15 08:24:45 dnsmasq[1084]: forwarded connectapi.garmin.com to 127.0.0.1#2053
Feb 15 08:24:45 dnsmasq[1084]: query[A] connectapi.garmin.com from 192.168.1.188
Feb 15 08:24:45 dnsmasq[1084]: forwarded connectapi.garmin.com to 127.0.0.1#2053
Feb 15 08:24:45 dnsmasq[1084]: reply connectapi.garmin.com is <CNAME>
Feb 15 08:24:45 dnsmasq[1084]: reply connectapi.garmin.com.cdn.cloudflare.net
is NODATA
Feb 15 08:24:45 dnsmasq[1084]: query[HTTPS]
connectapi.garmin.com.cdn.cloudflare.net from 192.168.1.188
Feb 15 08:24:45 dnsmasq[1084]: forwarded
connectapi.garmin.com.cdn.cloudflare.net to 127.0.0.1#2053
Feb 15 08:24:45 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 08:54:35 dnsmasq[1084]: reply connectapi.garmin.com.cdn.cloudflare.net
is 104.17.154.222
Feb 15 08:54:35 dnsmasq[1084]: reply connectapi.garmin.com.cdn.cloudflare.net
is 104.17.150.222
Feb 15 08:54:35 dnsmasq[1084]: reply connectapi.garmin.com.cdn.cloudflare.net
is 104.17.151.222
Feb 15 08:54:35 dnsmasq[1084]: reply connectapi.garmin.com.cdn.cloudflare.net
is 104.17.152.222
Feb 15 08:54:35 dnsmasq[1084]: reply connectapi.garmin.com.cdn.cloudflare.net
is 104.17.153.222
Feb 15 08:54:35 dnsmasq[1084]: reply connectapi.garmin.com is <CNAME>
Feb 15 08:54:35 dnsmasq[1084]: reply connectapi.garmin.com.cdn.cloudflare.net
is NODATA
Feb 15 08:54:35 dnsmasq[1084]: query[HTTPS]
connectapi.garmin.com.cdn.cloudflare.net from 192.168.1.188
Feb 15 08:54:35 dnsmasq[1084]: forwarded
connectapi.garmin.com.cdn.cloudflare.net to 127.0.0.1#2053
Feb 15 08:54:35 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 10:09:38 dnsmasq[1084]: reply cache.dciwx.com is <CNAME>
Feb 15 10:09:38 dnsmasq[1084]: reply cache.dciwx.com.cdn.cloudflare.net is
NODATA
Feb 15 10:09:38 dnsmasq[1084]: reply cache.dciwx.com is <CNAME>
Feb 15 10:09:38 dnsmasq[1084]: reply cache.dciwx.com.cdn.cloudflare.net is
104.19.151.56
Feb 15 10:09:38 dnsmasq[1084]: reply cache.dciwx.com.cdn.cloudflare.net is
104.19.152.56
Feb 15 10:09:38 dnsmasq[1084]: query[HTTPS] cache.dciwx.com.cdn.cloudflare.net
from 192.168.1.188
Feb 15 10:09:38 dnsmasq[1084]: forwarded cache.dciwx.com.cdn.cloudflare.net to
127.0.0.1#2053
Feb 15 10:09:38 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 11:54:58 dnsmasq[1084]: reply connect.garmin.com is <CNAME>
Feb 15 11:54:58 dnsmasq[1084]: reply connect.garmin.com.cdn.cloudflare.net is
104.17.167.14
Feb 15 11:54:58 dnsmasq[1084]: reply connect.garmin.com.cdn.cloudflare.net is
104.17.168.14
Feb 15 11:54:58 dnsmasq[1084]: reply connect.garmin.com is <CNAME>
Feb 15 11:54:58 dnsmasq[1084]: reply connect.garmin.com.cdn.cloudflare.net is
NODATA
Feb 15 11:54:58 dnsmasq[1084]: query[HTTPS]
connect.garmin.com.cdn.cloudflare.net from 192.168.1.218
Feb 15 11:54:58 dnsmasq[1084]: forwarded connect.garmin.com.cdn.cloudflare.net
to 127.0.0.1#2053
Feb 15 11:54:58 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 11:59:18 dnsmasq[1084]: reply api.gcs.garmin.com is <CNAME>
Feb 15 11:59:18 dnsmasq[1084]: reply api.gcs.garmin.com.cdn.cloudflare.net is
104.16.8.45
Feb 15 11:59:18 dnsmasq[1084]: reply api.gcs.garmin.com.cdn.cloudflare.net is
104.16.9.45
Feb 15 11:59:18 dnsmasq[1084]: reply api.gcs.garmin.com is <CNAME>
Feb 15 11:59:18 dnsmasq[1084]: reply api.gcs.garmin.com.cdn.cloudflare.net is
NODATA
Feb 15 11:59:18 dnsmasq[1084]: query[HTTPS]
api.gcs.garmin.com.cdn.cloudflare.net from 192.168.1.188
Feb 15 11:59:18 dnsmasq[1084]: forwarded api.gcs.garmin.com.cdn.cloudflare.net
to 127.0.0.1#2053
Feb 15 11:59:18 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 12:09:39 dnsmasq[1084]: reply cache.dciwx.com is <CNAME>
Feb 15 12:09:39 dnsmasq[1084]: reply cache.dciwx.com.cdn.cloudflare.net is
104.19.152.56
Feb 15 12:09:39 dnsmasq[1084]: reply cache.dciwx.com.cdn.cloudflare.net is
104.19.151.56
Feb 15 12:09:39 dnsmasq[1084]: reply cache.dciwx.com is <CNAME>
Feb 15 12:09:39 dnsmasq[1084]: reply cache.dciwx.com.cdn.cloudflare.net is
NODATA
Feb 15 12:09:39 dnsmasq[1084]: query[HTTPS] cache.dciwx.com.cdn.cloudflare.net
from 192.168.1.188
Feb 15 12:09:39 dnsmasq[1084]: forwarded cache.dciwx.com.cdn.cloudflare.net to
127.0.0.1#2053
Feb 15 12:09:39 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 12:21:09 dnsmasq[1084]: query[HTTPS] omt.garmin.com.cdn.cloudflare.net
from 192.168.1.218
Feb 15 12:21:09 dnsmasq[1084]: forwarded omt.garmin.com.cdn.cloudflare.net to
127.0.0.1#2053
Feb 15 12:21:09 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 22:57:45 dnsmasq[1084]: query[HTTPS] omt.garmin.com.cdn.cloudflare.net
from 192.168.1.188
Feb 15 22:57:45 dnsmasq[1084]: forwarded omt.garmin.com.cdn.cloudflare.net to
192.168.1.160#5053
Feb 15 22:57:45 dnsmasq[1084]: nameserver 192.168.1.160 refused to do a
recursive query
--
Feb 16 06:54:02 dnsmasq[1084]: query[HTTPS] static.licdn.com.cdn.cloudflare.net
from 192.168.1.188
Feb 16 06:54:02 dnsmasq[1084]: forwarded static.licdn.com.cdn.cloudflare.net to
192.168.1.160#5053
Feb 16 06:54:02 dnsmasq[1084]: nameserver 192.168.1.160 refused to do a
recursive query
--
Feb 16 08:39:39 dnsmasq[1084]: reply cache.dciwx.com is <CNAME>
Feb 16 08:39:39 dnsmasq[1084]: reply cache.dciwx.com.cdn.cloudflare.net is
NODATA
Feb 16 08:39:39 dnsmasq[1084]: query[HTTPS] cache.dciwx.com.cdn.cloudflare.net
from 192.168.1.188
Feb 16 08:39:39 dnsmasq[1084]: forwarded cache.dciwx.com.cdn.cloudflare.net to
192.168.1.160#5053
Feb 16 08:39:39 dnsmasq[1084]: nameserver 192.168.1.160 refused to do a
recursive query
--
Feb 16 09:39:38 dnsmasq[1084]: query[HTTPS] cache.dciwx.com from 192.168.1.188
Feb 16 09:39:38 dnsmasq[1084]: forwarded cache.dciwx.com to 192.168.1.160#5053
Feb 16 09:39:38 dnsmasq[1084]: query[A] cache.dciwx.com from 192.168.1.188
Feb 16 09:39:38 dnsmasq[1084]: forwarded cache.dciwx.com to 192.168.1.160#5053
Feb 16 09:39:39 dnsmasq[1084]: reply cache.dciwx.com is <CNAME>
Feb 16 09:39:39 dnsmasq[1084]: reply cache.dciwx.com.cdn.cloudflare.net is
NODATA
Feb 16 09:39:39 dnsmasq[1084]: query[HTTPS] cache.dciwx.com.cdn.cloudflare.net
from 192.168.1.188
Feb 16 09:39:39 dnsmasq[1084]: forwarded cache.dciwx.com.cdn.cloudflare.net to
192.168.1.160#5053
Feb 16 09:39:39 dnsmasq[1084]: nameserver 192.168.1.160 refused to do a
recursive query
--
Feb 16 10:39:39 dnsmasq[1084]: query[A] cache.dciwx.com from 192.168.1.188
Feb 16 10:39:39 dnsmasq[1084]: forwarded cache.dciwx.com to 192.168.1.160#5053
Feb 16 10:39:39 dnsmasq[1084]: reply cache.dciwx.com is <CNAME>
Feb 16 10:39:39 dnsmasq[1084]: reply cache.dciwx.com.cdn.cloudflare.net is
NODATA
Feb 16 10:39:39 dnsmasq[1084]: reply cache.dciwx.com is <CNAME>
Feb 16 10:39:39 dnsmasq[1084]: reply cache.dciwx.com.cdn.cloudflare.net is
104.19.151.56
Feb 16 10:39:39 dnsmasq[1084]: reply cache.dciwx.com.cdn.cloudflare.net is
104.19.152.56
Feb 16 10:39:39 dnsmasq[1084]: query[HTTPS] cache.dciwx.com.cdn.cloudflare.net
from 192.168.1.188
Feb 16 10:39:39 dnsmasq[1084]: forwarded cache.dciwx.com.cdn.cloudflare.net to
192.168.1.160#5053
Feb 16 10:39:39 dnsmasq[1084]: nameserver 192.168.1.160 refused to do a
recursive query
Best regards,
Jürgen
> On 16.02.2026, at 14:01, Yorgos Thessalonikefs via Unbound-users
> <[email protected]> wrote:
>
> Hi Jürgen,
>
> Do you have a concrete case we can look at?
> Testcases in Unbound do return the RA flag when 'aggressive-nsec: yes' is
> used (by default).
>
> Maybe you are using RPZ data and you have set
> 'rpz-signal-nxdomain-ra: yes' [1] ?
> Btw this option was explicitly requested to play nice with dnsmasq IIRC.
>
> Best regards,
> -- Yorgos
>
> [1]
> https://unbound.docs.nlnetlabs.nl/en/latest/manpages/unbound.conf.html#unbound-conf-rpz-rpz-signal-nxdomain-ra
>
> On 16/02/2026 11:12, Jürgen Stauber via Unbound-users wrote:
>> Hello together,
>> I’m running unbound as my recursive resolver and encountered various
>> "dnsmasq: nameserver 127.0.0.1 refused to do a recursive query" error
>> messages. After some debugging with the help of an LLM it seems that the RA
>> flag is missing when receiving synthesized NODATA or NXDOMAIN responses from
>> the NSEC negative cache. Now I’m not sure if this is a bug and an issue
>> should be opened or if this is intended behavior. Do you need further info to
>> make an assessment? If so, what kind of input would help?
>> Thanks and kind regards
>> Jürgen
>
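An added example, not part of the thread or of Unbound or dnsmasq: a small Python triage script that attributes each dnsmasq "refused to do a recursive query" warning to the query last forwarded to that upstream, so the affected names and query types can be listed from a log like the one in the message. The sample log is constructed (documentation names and addresses), and pairing a warning with the most recent forward to the same server is a heuristic that assumes the log is not heavily interleaved.

```python
import re

# Constructed sample in the shape of the dnsmasq log above, including
# wrapped continuation lines and the "--" separators between excerpts.
SAMPLE_LOG = """\
Feb 15 00:29:22 dnsmasq[1084]: query[HTTPS]
host.example.cdn.example.net from 192.0.2.10
Feb 15 00:29:22 dnsmasq[1084]: forwarded host.example.cdn.example.net
to 127.0.0.1#2053
Feb 15 00:29:22 dnsmasq[1084]: nameserver 127.0.0.1 refused to do a recursive
query
--
Feb 15 00:30:00 dnsmasq[1084]: query[A] other.example.org from 192.0.2.10
Feb 15 00:30:00 dnsmasq[1084]: forwarded other.example.org to 192.0.2.53#5053
Feb 15 00:30:00 dnsmasq[1084]: reply other.example.org is 198.51.100.7
"""

STAMP = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d dnsmasq\[\d+\]: ")
QUERY = re.compile(r"query\[(\w+)\] (\S+) from ")
FORWARD = re.compile(r"forwarded (\S+) to ([^#\s]+)#\d+")
REFUSED = re.compile(r"nameserver (\S+) refused to do a recursive query")

def unwrap(text):
    """Join wrapped continuation lines back onto their timestamped line."""
    entries = []
    for line in text.splitlines():
        if STAMP.match(line) or not entries:
            entries.append(line.strip())
        elif line.strip() != "--":  # skip excerpt separators
            entries[-1] += " " + line.strip()
    return entries

def refused_queries(text):
    """Return (server, qname, qtype) for each 'refused' warning (heuristic)."""
    last_query, last_forward, hits = (None, "?"), {}, []
    for entry in unwrap(text):
        if m := QUERY.search(entry):
            last_query = (m.group(2), m.group(1))
        elif m := FORWARD.search(entry):
            name, server = m.groups()
            qtype = last_query[1] if last_query[0] == name else "?"
            last_forward[server] = (name, qtype)
        elif m := REFUSED.search(entry):
            name, qtype = last_forward.get(m.group(1), (None, "?"))
            hits.append((m.group(1), name, qtype))
    return hits

if __name__ == "__main__":
    print(refused_queries(SAMPLE_LOG))
```

A warning with no preceding forward in the excerpt is reported with a name of `None` and type `?` rather than guessed.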