How to disable DNSSEC/EDNS for lwresd
Tomas Hozza
thozza at redhat.com
Tue Apr 29 14:17:56 UTC 2014
Hi.
I'm trying to disable DNSSEC/EDNS for the lwresd using the
following lwresd.conf:
options {
directory "/var/named/";
dnssec-enable no;
dnssec-validation no;
pid-file "/run/named/lwresd.pid";
session-keyfile "/run/named/session.key";
};
lwres {
search {example1.;};
ndots 1;
};
But it seems that the 'dnssec-enable no;' statement has no
influence on the EDNS usage in queries sent by lwresd.
I was able to disable EDNS when lwres is run as named
using:
server 0.0.0.0/0 {
edns no;
};
server ::/0 {
edns no;
};
in the configuration. However I was not able to disable EDNS
when running lwresd.
We have a user that would like to disable EDNS to reduce the
overhead it adds and improve the performance. The DNSSEC is
not a priority for them.
Is there way to disable DNSSEC/EDNS for lwresd?
Thank you in advance.
Regards,
--
Tomas Hozza
Software Engineer - EMEA ENG Developer Experience
PGP: 1D9F3C2D
Red Hat Inc. http://cz.redhat.com
More information about the bind-users
mailing list