You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When both stub-first and stub-tls-upstream options are enabled, unbound tries to use parent NS, but it uses TLS with them, while accessing them on the default port (53). I think it should either not use TLS on parent NS in this case, make it configurable, use tls-port, or document that this use case will fail.
The text was updated successfully, but these errors were encountered:
As it turns out, I am slightly wrong here. It works, for the first query only. Then it fails for every query, that is not in the cache.
It seems, that first query on fallback sets it's iq->dp here:
In the first case copied value of dp->ssl_upstream is false, in second case it is true.
I still know too little to really understand, what all of this code does, but maybe it will help others to pinpoint the problem.
Edits: grammar
Hello.
When both
stub-first
andstub-tls-upstream
options are enabled, unbound tries to use parent NS, but it uses TLS with them, while accessing them on the default port (53). I think it should either not use TLS on parent NS in this case, make it configurable, usetls-port
, or document that this use case will fail.The text was updated successfully, but these errors were encountered: