Zitat von "W.C.A. Wijngaards" <[email protected]>:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Andreas,
Now I see this is a forward zone, so +norec no answer, because the
x.x.x.x is a recursive cache. Somehow this cache has trouble
returning dnssec enabled data (once in a while? Load balancer?)
Hello
no, it is a simple two stage unbound cascade. The forwarder does also
act as resolver cache for the DMZ mailserver and had as said no
problem resolving names during the whole outage of the internal
unbound cache. During the outage i was also able to query the
forwarder from the machine running the internal cache without
problems, but i only tested simple A/MX queries. I guess it will be
best to dumb-down the internal as cache only and let the firewall do
the work, no?
Many Thanks
Andreas
_______________________________________________
Unbound-users mailing list
[email protected]
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
