-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Wouter.
On 08.10.2010 14:59, W.C.A. Wijngaards wrote: > In the interest of prevention of feature bloat, I would like to ask, > apart from thanking you for reporting the oddity, if such code is really > necessary? Unbound's behaviour was quite unexpected and in my case caused Unbound to use a tunneled IP address instead of a direct route. Although it works for me, I think Unbound should use "outgoing-interface" for TCP, too. > (and would random sampling then be sufficient?) TCP offers enough spoof protection, so even using only the first configured address would be sufficient, IMHO. Random sampling would be more consistent with UDP behaviour, though. Hauke. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkyyRW4ACgkQKIgAG9lfHFOvUwCffsiq3ThW400LCqEE71S9cVXg dNMAoL1P9bhMlIw9IRHC1REhyqybckky =JCUw -----END PGP SIGNATURE----- _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
