Day: April 16, 2014

  • Allowing +trace in Unbound

    By default, +trace works when querying Bind server as it returns root hints as NS-list for “.”. However, +trace disables RD flag and the first query (dig +norecurse NS .) is REFUSED by unbound. The fix: In unbound.conf, change access-control: 10.0.0.0/8 allow to access-control: 10.0.0.0/8 allow_snoop Change allow to allow_snoop for all subnets served by…