Hi,I'm running Unound 1.7.0 with all the fancy features enabled (qname minimisation, aggressive NSEC caching, the lot).
When I start with an empty cache, this DNAME domain causes a SERVFAIL: dig A _sidn._dnssec-valcheck-20180418.z-347054971.bergzand.nl (same for slxh.nl) Second attempt gives the expected NXDOMAIN. Anyone any clue of what is happening here?Appears qname minimisation related, because unbound-host also results in a bogus with that option enabled.
[1524050954] libunbound[16982:0] info: validate(cname): sec_status_secureHost _sidn._dnssec-valcheck-20180418.z-347054971.bergzand.nl not found: 3(NXDOMAIN). (BOGUS (security failure)) validation failure <_sidn._dnssec-valcheck-20180418.z-347054971.bergzand.nl. A IN>: misc failure
-- Marco
signature.asc
Description: OpenPGP digital signature
