Hi folks,
We deployed Unbound 1.7.0 on one of our production servers yesterday,
and I have two questions regarding the aggressive-nsec feature:
1. It seems that unbound-control cannot tell me whether the option is
enabled (we enabled it explicitly in the configuration):
# unbound-control get_option aggressive-nsec
error unknown option
Am I doing something wrong, or is this something that might need fixing?
2. It would be nice to have a metric in the extended statistics that
tallies how many times aggressive-nsec was used to produce an NXDOMAIN
response, is that possible?
Cheers,
Roland
Hi Roland,
Hi folks,
We deployed Unbound 1.7.0 on one of our production servers yesterday,
and I have two questions regarding the aggressive-nsec feature:
1. It seems that unbound-control cannot tell me whether the option is
enabled (we enabled it explicitly in the configuration):
# unbound-control get_option aggressive-nsec
error unknown option
Am I doing something wrong, or is this something that might need fixing?
That indeed needed fixing, which just happened.
2. It would be nice to have a metric in the extended statistics that
tallies how many times aggressive-nsec was used to produce an NXDOMAIN
response, is that possible?
Thanks for the suggestion. That sounds like a good idea which I will
happily implement.
-- Ralph
Hi Ralph,
We deployed Unbound 1.7.0 on one of our production servers yesterday,
and I have two questions regarding the aggressive-nsec feature:
1. It seems that unbound-control cannot tell me whether the option is
enabled (we enabled it explicitly in the configuration):
# unbound-control get_option aggressive-nsec
error unknown option
Am I doing something wrong, or is this something that might need fixing?
That indeed needed fixing, which just happened.
Thanks!
2. It would be nice to have a metric in the extended statistics that
tallies how many times aggressive-nsec was used to produce an NXDOMAIN
response, is that possible?
Thanks for the suggestion. That sounds like a good idea which I will
happily implement.
Cool, send me a mail off list if you need me to test this for you.
Cheers,
Roland