On Mon, 25 Jul 2011, Paul Wouters wrote:

Now I'm trying to get dnssec working but I've run into some problems.

Why are you doing this? unbound can do queries using just tcp per default, so you do not need to use ttdnsd. I assume you're trying to proxy dns to an anonymiser network like tor?

Try this unbound patch, and set unbound to use tcp only in unbound.conf using
do-udp:no and do-tcp:yes.

That should be do-udp:yes. The patch disabled the activation of udp for outgoing
queries but the do-udp:yes allows udp for incoming (localhost) queries.

Paul

I've sent this to the tor people before, but they haven't gotten back to me
with test results. If we have positive results, we might be able to convince
Wouter to make the below patch a runtime option.

Index: daemon/worker.c
===================================================================
- --- daemon/worker.c   (revision 2279)
+++ daemon/worker.c     (working copy)
@@ -1090,7 +1090,7 @@
               worker->daemon->env->infra_cache, worker->rndstate,
               cfg->use_caps_bits_for_id, worker->ports, worker->numports,
               cfg->unwanted_threshold, &worker_alloc_cleanup, worker,
- -             cfg->do_udp);
+               0);
       if(!worker->back) {
               log_err("could not create outgoing sockets");
               worker_delete(worker);
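
Review bot: The literal 0 that replaces cfg->do_udp as the last argument of this call hardcodes UDP off for outgoing sockets at build time, so the do-udp setting no longer has any effect here and nothing in the code says why. Passing a separate configuration field for outgoing UDP instead of a bare 0, with a comment on the argument, would keep incoming and outgoing behaviour independently configurable and make the intent readable. The error path right below still logs only "could not create outgoing sockets", which gives an operator no hint that outgoing traffic was forced to TCP-only.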


Paul

_______________________________________________
Unbound-users mailing list
[email protected]
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
