Dear Team,
I am running Unbound 1.13.1 on Ubuntu (arm64).
1. Cache issue:
- I want to flush the entire DNS cache or view all cached entries.
- I tried:
    unbound-control flush_zone .
    unbound-control flush_requestlist
    unbound-control flush_bogus
  but it doesn’t seem to clear everything (some cached A records still answer after flush).
- Restarting Unbound clears it, but is there a way to completely flush the cache without restarting?
- Also: is there any way to list/dump all cached entries?
2. RPZ NSDNAME issue:
- I am trying to block domains by NSDNAME via RPZ. I followed examples like:
    ns1.accessworld.net.rpz-nsdname IN CNAME .
    ns2.accessworld.net.rpz-nsdname IN CNAME .
- I also tried adding in /etc/unbound/unbound.conf:
    rpz-nsdname-wait-recurse: yes
  but Unbound fails to start with errors:
    /etc/unbound/unbound.conf:88: error: unknown keyword 'rpz-nsdname-wait-recurse'
    /etc/unbound/unbound.conf:88: error: stray ':'
    /etc/unbound/unbound.conf:88: error: unknown keyword 'yes'
- It looks like my version (1.13.1) doesn’t recognize this directive.
Questions:
- What is the correct way to flush or dump the Unbound DNS cache in 1.13.1?
- How can I block based on NSDNAME in Unbound 1.13.1 if rpz-nsdname-wait-recurse isn’t available?
- Do I need to upgrade to a newer Unbound (≥1.16.0) to fully use RPZ NSDNAME rules?
- Best way to upgrade without disturbing the current version?