On Thu, 4 Feb 2010, Leen Besselink wrote:
And I found out unbound was sending queries with the D0-bit set, but it isn't configured to actually validate anything.
unbound does validation per default. You can disable this using val-permissive-mode:yes however, it will still perform queries with the DO bit, and validation. It will just pass the data along anyway (as if the client send the CD bit)
Is their a way to turn this off when needed (for example if I'm running unbound on a laptop and am somewhere with a bad firewall) ?
unbound should recover from those failures (eg TCP 53 firewalled, or UDP >512bytes failing) by itself. Paul _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
