-
-
Notifications
You must be signed in to change notification settings - Fork 340
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove DLV entirely from Unbound #246
Comments
Hi Vicky, |
There is code in progress on this branch: https://github.com/NLnetLabs/unbound/tree/dlv-removal This aims to remove DLV, but makes the dlv option ignored and print a warning. |
Thanks for the heads up and the code has been modified for upcoming releases to remove the leftover DLV functionality. If people still have DLV options it prints a warning. Since the DLV repository is empty, that is the same validation end result anyway. |
* nlnet/master: (37 commits) - Fix NLnetLabs#296: systemd nss-lookup.target is reached before unbound can successfully answer queries. Changed contrib/unbound.service.in. - Refactor to use sock_strerr shorthand function. - Merge PR NLnetLabs#293: Add missing prototype. Also refactor to use the new shorthand function to clean up the code. Add missing prototype. - Review fix, doxygen and assign null in case of error free. Please doxygen, quote the characters to stop it from parsing a doxygen command. - Similar to NSD PR#113, implement that interface names can be used, eg. something like interface: eth0 is resolved at server start and uses the IP addresses for that named interface. - Update documentation in python example code. - Change configure to use EVP_sha256 instead of HMAC_Update for openssl-3.0.0. - Fix to apply chroot to dnstap-socket-path, if chroot is enabled. - Fix that dnstap reconnects do not spam the log with the repeated attempts. Attempts on the timer are only logged on high verbosity, if they produce a connection failure error. - Fix stats double count issue (NLnetLabs#289). - Create and init edns tags data for libunbound. Changelog note. - Rerun autoconf Rerun autoconf and autoheader on configure.ac, with libtool Add changlog entry for PR NLnetLabs#277. - Check for existence 'EVP_MAC_CTX_set_params' function (openssl >= 3.0.0-alpha5) - Fix NLnetLabs#287: doc typo: "Additionaly". Changelog note for NLnetLabs#246 and NLnetLabs#284 - Merge PR NLnetLabs#284 and Fix NLnetLabs#246: Remove DLV entirely from Unbound. The DLV has been decommisioned and in unbound 1.5.4, in 2015, there was advise to stop using it. The current code base does not contain DLV code any more. The use of dlv options displays a warning. dlv removal, remove DLV reference from unused use in test case. ...
Hey, I could be mistaken, but it seems like you might still have the DLV option in Unbound. If you do, it is time to remove it.
1.5.4 changed the default settings and removed the ISC DLV key from the packages - which is great, but at this point, any resolver that is querying the DLV is going extra work for zero added value. At this point there is an empty zone at dlv.isc.org, just so that resolvers querying it won't get stuck in a loop re-querying it. It would be better to remove the DLV from Unbound entirely. We removed it from BIND as of BIND 9.16 (the 2020 stable version), which has the added benefit of simplifying our code.
The text was updated successfully, but these errors were encountered: