On Fri, 4 Sep 2009, W.C.A. Wijngaards wrote:
But I am thinking how to make this easier on other people that aren't as smart as you are to figure this out. Or to make unbound smarter so it won't get into this trouble. I don't know.
It's hard. We have the same issue with openswan where people can send us a 'barf', a full debug file. It's fairly easy for me to spot most problems within a few minutes. But for an inexperienced person it is next to impossible. We had an automatic 'barf analyser' a long time ago but it was only capable of finding the simple mistakes. With DNS, and cache and TTL, this becomes even harder to automate. You keep mentioning drill, but I find drill hard to use because I need to give it trust anchors, where unbound-host I can run without any new configuration and it will just pick up my configured trust anchors. I guess in this case, dnscheck --test=consistency would have spotted this one. Paul _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
