Maintained by: NLnet Labs

[Unbound-users] issue with unbound 1.4.6 win32 package

bmanning at vacation.karoshi.com
Wed Aug 4 19:36:26 CEST 2010



	based on some other measurement (v6 tunnels etc.)
	we have set our buf-size to 1220 bytes.

--bill


On Wed, Aug 04, 2010 at 05:35:29PM +0200, W.C.A. Wijngaards wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi,
> 
> Thanks for that logfile.  Seems like the response for www.isc.org from
> its nameserver is timeout, probably because of PMTU problems.  All
> fragments get dropped and you get no larger packets than 1480 through.
> rs.dns-oarc.net can help you measure that as well as netalyzer and other
> tools.
> 
> Perhaps a firewall is (mis)configured to drop fragments and you can fix it?
> 
> Otherwise unbound has the following option that can help you:
> 	edns-buffer-size: 1480
> 
> Best regards,
>    Wouter
> 
> On 08/04/2010 02:27 PM, W.C.A. Wijngaards wrote:
> > Hi,
> > 
> > That should work, can you set verbosity higher (level 4), and send me
> > the logfile (privately, it'll be large) afterwards?  Unless the errors
> > are descriptive enough that you can solve it (level 2 is a summarized
> > debug level that may be nice for that).
> > 
> > If you delete the logfile before you start unbound, and set
> > 	logfile: "C:\unbound.log"
> > then debug information gets written there.
> > 
> > Best regards,
> >    Wouter
> > 
> > On 08/04/2010 01:48 PM, 404Error wrote:
> >> I have installed unbound 1.4.6 win32 package with the default options on
> >> both Windows XP Professional SP3 and Windows Vista Ultimate SP2.
> > 
> >> Using the unbound dns server (127.0.0.1) I cannot browse to
> >> http://www.isc.org/, I get a host name lookup failure error.
> > 
> >> If I switch back to my ISP's DNS servers it works fine.
> > 
> >> Here is my service.conf contents...
> > 
> >> -->
> >> # Unbound configuration file on windows.
> >> # See example.conf for more settings and syntax
> >> server:
> >>     # verbosity level 0-4 of logging
> >>     verbosity: 0
> > 
> >>     # on Windows, this setting makes reports go into the Application log
> >>     # found in ControlPanels - System tasks - Logs
> >>     use-syslog: no
> > 
> >>     # specify the interfaces to answer queries from by ip-address.
> >>     # The default is to listen to localhost (127.0.0.1 and ::1).
> >>     # specify 0.0.0.0 and ::0 to bind to all available interfaces.
> >>     # specify every interface[@port] on a new 'interface:' labelled line.
> >>     # The listen interfaces are not changed on reload, only on restart.
> >>     interface: 127.0.0.1
> > 
> >>     # Enable IPv6, "yes" or "no".
> >>     do-ip6: no
> > 
> >>     # enable to not answer id.server and hostname.bind queries.
> >>     hide-identity: yes
> > 
> >>     # enable to not answer version.server and version.bind queries.
> >>     hide-version: yes
> > 
> >>     # File with DLV trusted keys. Same format as trust-anchor-file.
> >>     # There can be only one DLV configured, it is trusted from root down.
> >>     # Download http://ftp.isc.org/www/dlv/dlv.isc.org.key
> >>     dlv-anchor-file: "C:\Program Files\Unbound\dlv.isc.org.key"
> >> <--
> >> _______________________________________________
> >> Unbound-users mailing list
> >> Unbound-users at unbound.net
> >> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
> > 
> _______________________________________________
> Unbound-users mailing list
> Unbound-users at unbound.net
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.14 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
> 
> iEYEARECAAYFAkxZiMEACgkQkDLqNwOhpPieGwCfURVd2+tpv+mYjlu3Y5+HhLEJ
> aXwAoKzV7V6+8sz4eUB09INZm5nOqmwo
> =4wGX
> -----END PGP SIGNATURE-----
> _______________________________________________
> Unbound-users mailing list
> Unbound-users at unbound.net
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users