Hi,
I'm getting random failures or various domains with unbound 1.3.4. (I know about 1.4.1) Just now, reviews.ebay.ca failed to resolve. A dig without +dnssec gave me ServFail. A dig with +cd gave me a response: [p...@bofh ~]$ dig +dnssec +cd reviews.ebay.ca @193.110.157.136 ; <<>> DiG 9.6.1-P2-RedHat-9.6.1-13.P2.fc12 <<>> +dnssec +cd reviews.ebay.ca @193.110.157.136 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25715 ;; flags: qr rd ra cd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 4096 ;; QUESTION SECTION: ;reviews.ebay.ca. IN A ;; ANSWER SECTION: reviews.ebay.ca. 248 IN CNAME reviews.intl.ebay.com. reviews.intl.ebay.com. 3548 IN CNAME search-desc.intl.ebay.com. search-desc.intl.ebay.com. 248 IN A 66.211.160.141 search-desc.intl.ebay.com. 248 IN A 66.135.202.75 ;; Query time: 104 msec ;; SERVER: 193.110.157.136#53(193.110.157.136) ;; WHEN: Tue Jan 12 17:26:16 2010 ;; MSG SIZE rcvd: 137 My first question is, does unbound disable more then just dnssec when using the CD flag? (and if so, is that expected? I always assumed CD was only for DNSSEC validation bypassing) My second question is if this is one of the bugs fixed in 1.4.1 + r1953. Paul _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
