You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
which implies, if I'm not wrong, unbound will fetch the latest version once a day. This time frame (24h) will start when unbound starts and fetches the zone.
The script that generates the zone runs once a day, if however unbound is (re)started shortly before the new data becomes available, unbound uses the old data for almost a day.
It would be very usefull to change the behaviour of unbound-control rpz_enable ( or, see below), so that the zone file would be refreshed immediatly, once the zone is enabled. This would allow for:
generate new zone file (script, that has nothing to do with unbound)
disable the rpz zone (sudo /usr/sbin/unbound-control rpz_disable doh)
enable the rpz zone (sudo /usr/sbin/unbound-control rpz_enable doh), and thus fetch the latest zone data.
of course, I'm not opossed to an additional (new) unbound-control command: unbound-control rpz-refresh zone ...
for now, I'm forced to restart unbound to force an update, as unbound-control reload doesn't appear to force a refresh (fetch the latest zone dat from source).
The text was updated successfully, but these errors were encountered:
Hello there,
I wouldn't like for the enable action to have implicit results i.e., transferring the zone.
Since RPZ zones share the same behavior as auth zones in Unbound, there is already the command unbound-control auth_zone_transfer that could be used to initiate a new transfer from master for a configured zone (auth or RPZ).
I believe this is exactly what you are asking.
I will update the unbound-control documentation to reflect that.
* nlnet/master:
- Fix some lint type warnings.
- Fix ede test to not use default pidfile, and use local interface.
- Fix to silence test for ede error output to the console from the test setup script.
- Fix typos in config_set_option for the 'num-threads' and 'ede-serve-expired' options.
- FixNLnetLabs#678: [FR] modify behaviour of unbound-control rpz_enable zone, by updating unbound-control's documentation.
- For NLnetLabs#677: Added tls-system-cert to config parser and documentation. - Changelog note for NLnetLabs#677.
Allow using system certificates not only on Windows
- FixNLnetLabs#417: prefetch and ECS causing cache corruption when used together.
- FixNLnetLabs#673: DNS over TLS: error: SSL_handshake syscall: No route to host.
- Fix Python build in non-source directory; based on patch by Michael Tokarev.
Changelog entry for NLnetLabs#604: Add the basic EDE (RFC8914) cases
Add the basic EDE (RFC8914) cases (NLnetLabs#604)
- FixNLnetLabs#670: SERVFAIL problems with unbound 1.15.0 running on OpenBSD 7.1.
unbound-control can disable / enable a zone (syntax, example zone doh: sudo /usr/sbin/unbound-control rpz_enable doh
The doh zone has the following `header:
$TTL 30
@ SOA jpgpi250.github.io. hostmaster.jpgpi250.github.io. 2205150849 86400 1800 604800 30
NS localhost.
which implies, if I'm not wrong, unbound will fetch the latest version once a day. This time frame (24h) will start when unbound starts and fetches the zone.
The script that generates the zone runs once a day, if however unbound is (re)started shortly before the new data becomes available, unbound uses the old data for almost a day.
It would be very usefull to change the behaviour of unbound-control rpz_enable ( or, see below), so that the zone file would be refreshed immediatly, once the zone is enabled. This would allow for:
of course, I'm not opossed to an additional (new) unbound-control command: unbound-control rpz-refresh zone ...
for now, I'm forced to restart unbound to force an update, as unbound-control reload doesn't appear to force a refresh (fetch the latest zone dat from source).
The text was updated successfully, but these errors were encountered: