Maintained by: NLnet Labs

[Unbound-users] interface: 0.0.0.0 apparently not working

Steve Jenkins
Wed Sep 21 18:28:21 CEST 2011


We have a total of three subnets (let's call them A, B, and C).

Our unbound box has 2 NICs: one with an IP addresses on Subnet A, and
another with an IP address on Subnet B.

We have a number of servers, some connected to subnets A & B, and one
that is connected only to Subnet C.

In unbound.conf, we are using:

interface: 0.0.0.0
interface: ::0

and using access-control: to allow IP ranges on all three subnets.

However, unbound will only answer queries as follows:

1) From servers on subnet A: unbound answers queries made to its IP
address on Subnet A or B.

2) From servers on subnet B: unbound answers queries made to its IP
address on either Subnet A or B.

3) From the server on subnet C: unbound answers queries made ONLY to
its IP address on Subnet A, but does not respond to queries made to
its address on Subnet B.

4) From a remote server on still another subnet (we tested with a
shared host we had shell access to), identical results to case #3
above.

I turned verbosity all the way up to 5 in the logs, and in cases #3
and #4 above, unbound does see the query. It just doesn't respond.

I was able to work around this by commenting out both the interface:
0.0.0.0 and ::0 lines and replace with:

interface: 127.0.0.1
interface: ::1
interface: IP on Subnet A
interface: IP on Subnet B

So I'm glad I was able to work around it, but I'm curious why
interface: 0.0.0.0 didn't work as it should. Any ideas?

Thanks,

SteveJ