On Fri, Aug 17, 2012 at 3:54 AM, W.C.A. Wijngaards <[email protected]>wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi Mariano, > > On 08/16/2012 05:27 PM, Mariano Absatz - gmail wrote: > > Hi, > > > > I just compiled and installed lnsd 1.6.13 and unbound 1.4.18 on a > > debian lenny VM. > > > > Since I was getting temporary failures, I raised the log verbosity > > to 3 and the log (which I add at the end of the message) seems to > > indicate that queries to the root name server are either not being > > sent or not being answered... > > > > I kinda manually replicated the behavior of the resolver (using > > dbndns' dnsq command) in the same machine and got instant responses > > in every case (copied below the log). > > Did you set +dnssec and +cdflag (options for 'dig') on the queries you > tested yourself? If not, your test differed from what unbound does. > Nope... I hadn't even enabled dnssec 'cause I wanted to test plain old resolution first. > The answers are bigger with the signatures included. Maybe you have a > firewall that drops UDP packets bigger than 512 bytes? > That might be... I'll talk with the firewall guy and check that (and come back next week since I won't have access to the server until Monday). Thanx for your help. -- Mariano Absatz - El Baby www.clueless.com.ar
_______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
