-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Richard Doty wrote: | Greetings unbounders, | | I occasionally need to look up an A record for which one of the | authoritative nameservers is lame: mail.opusnet.com | | Unbound seems to accept the referral from the lame nameserver as | final, rather than trying the others: | | $ ping mail.opusnet.com | ping: Cannot resolve "mail.opusnet.com" (No address associated with name) | | Is that intentional? Maybe I'm misunderstanding the behavior. This is not intentional. Most lame servers give different responses. I added a new case to the lameness detection. For an authority server that responds with noerror/nodata, no SOA in authority, no AA bit, and an NS record pointing to the zone itself, this is now treated as a lame server instead of an answer. Thank you for the report. A fix for the issue is in unbound svn trunk r1111. Best regards, ~ Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkhM7g8ACgkQkDLqNwOhpPiWmACfQtNQ/OuSibUvwnGtuSMeGH3u bsgAn2blDaOEP5ymzSPbHoIap4YPDioj =6wck -----END PGP SIGNATURE-----