Maintained by: NLnet Labs

[Unbound-users] issue with unbound 1.4.6 win32 package

W.C.A. Wijngaards
Wed Aug 4 17:35:29 CEST 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

Thanks for that logfile.  Seems like the response for www.isc.org from
its nameserver is timeout, probably because of PMTU problems.  All
fragments get dropped and you get no larger packets than 1480 through.
rs.dns-oarc.net can help you measure that as well as netalyzer and other
tools.

Perhaps a firewall is (mis)configured to drop fragments and you can fix it?

Otherwise unbound has the following option that can help you:
	edns-buffer-size: 1480

Best regards,
   Wouter

On 08/04/2010 02:27 PM, W.C.A. Wijngaards wrote:
> Hi,
> 
> That should work, can you set verbosity higher (level 4), and send me
> the logfile (privately, it'll be large) afterwards?  Unless the errors
> are descriptive enough that you can solve it (level 2 is a summarized
> debug level that may be nice for that).
> 
> If you delete the logfile before you start unbound, and set
> 	logfile: "C:\unbound.log"
> then debug information gets written there.
> 
> Best regards,
>    Wouter
> 
> On 08/04/2010 01:48 PM, 404Error wrote:
>> I have installed unbound 1.4.6 win32 package with the default options on
>> both Windows XP Professional SP3 and Windows Vista Ultimate SP2.
> 
>> Using the unbound dns server (127.0.0.1) I cannot browse to
>> http://www.isc.org/, I get a host name lookup failure error.
> 
>> If I switch back to my ISP's DNS servers it works fine.
> 
>> Here is my service.conf contents...
> 
>> -->
>> # Unbound configuration file on windows.
>> # See example.conf for more settings and syntax
>> server:
>>     # verbosity level 0-4 of logging
>>     verbosity: 0
> 
>>     # on Windows, this setting makes reports go into the Application log
>>     # found in ControlPanels - System tasks - Logs
>>     use-syslog: no
> 
>>     # specify the interfaces to answer queries from by ip-address.
>>     # The default is to listen to localhost (127.0.0.1 and ::1).
>>     # specify 0.0.0.0 and ::0 to bind to all available interfaces.
>>     # specify every interface[@port] on a new 'interface:' labelled line.
>>     # The listen interfaces are not changed on reload, only on restart.
>>     interface: 127.0.0.1
> 
>>     # Enable IPv6, "yes" or "no".
>>     do-ip6: no
> 
>>     # enable to not answer id.server and hostname.bind queries.
>>     hide-identity: yes
> 
>>     # enable to not answer version.server and version.bind queries.
>>     hide-version: yes
> 
>>     # File with DLV trusted keys. Same format as trust-anchor-file.
>>     # There can be only one DLV configured, it is trusted from root down.
>>     # Download http://ftp.isc.org/www/dlv/dlv.isc.org.key
>>     dlv-anchor-file: "C:\Program Files\Unbound\dlv.isc.org.key"
>> <--
>> _______________________________________________
>> Unbound-users mailing list
>> Unbound-users at unbound.net
>> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
> 
_______________________________________________
Unbound-users mailing list
Unbound-users at unbound.net
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkxZiMEACgkQkDLqNwOhpPieGwCfURVd2+tpv+mYjlu3Y5+HhLEJ
aXwAoKzV7V6+8sz4eUB09INZm5nOqmwo
=4wGX
-----END PGP SIGNATURE-----