[Unbound-users] small bug ?

Paul Wouters paul at xelerance.com
Thu Feb 4 14:35:16 UTC 2010


On Thu, 4 Feb 2010, Leen Besselink wrote:

> And I found out unbound was sending queries with the D0-bit set, but it isn't 
> configured to actually validate anything.

unbound does validation per default. You can disable this using

val-permissive-mode:yes

however, it will still perform queries with the DO bit, and validation.
It will just pass the data along anyway (as if the client send the CD bit)

> Is their a way to turn this off when needed (for example if I'm running 
> unbound on a laptop and am somewhere with a bad firewall) ?

unbound should recover from those failures (eg TCP 53 firewalled, or
UDP >512bytes failing) by itself.

Paul



More information about the Unbound-users mailing list