Maintained by: NLnet Labs

[Unbound-users] Interface Automatic IPv6 / Load balancing

Robert Blayzor
Thu Jul 10 17:00:08 CEST 2014


I have been testing unbound as a replacement for BIND for recursive DNS in a high
volume ISP deployment.

We are deploying about four unbound VM servers behind an F5 BigIP LTM, performance L4
(npath/DSR).


OS:  FreeBSD 10.0/amd64
unbound 1.4.22

This requires us to configure the IP as a loopback address on each server so we can
have the LTM send the DNS requests to each server.  In order for this to work we must
set "interface-automatic: yes" in the unbound configuration so that unbound will
send the response back from the loopback address and not the IP address of the NIC
the request came in on.

For IPv4 this seems to work flawlessly.  For IPv6, not so much.  When using an IPv6
VIP on the loopback we still see replies with the source address of the outbound NIC
and not the loopback IP.

I'm wondering if this is a bug or lack of feature.  I know that when using BIND9 this
works.

Any input would be great.

TIA

-Robert
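
The symptom described in the message above (a reply leaving from the NIC address instead of the queried VIP) can be checked from a client with the following sketch. It is an added example, not part of the original post and not unbound code; the function names are hypothetical and the VIP is passed on the command line.

```python
#!/usr/bin/env python3
"""Check that a DNS server answers from the address it was queried on."""
import ipaddress
import os
import socket
import struct
import sys


def build_query(qname: str, txid: int) -> bytes:
    """Minimal DNS query: header (RD set, 1 question) + QNAME, QTYPE=A, QCLASS=IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(
        bytes([len(part)]) + part.encode("ascii")
        for part in qname.strip(".").split(".") if part
    )
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)


def same_address(a: str, b: str) -> bool:
    """Compare two textual IPs, ignoring IPv6 zone ids and zero compression."""
    return ipaddress.ip_address(a.split("%")[0]) == ipaddress.ip_address(b.split("%")[0])


def reply_source(vip: str, port: int = 53, qname: str = "example.com", timeout: float = 2.0):
    """Query `vip` and return (source address of the reply, matches_vip)."""
    family = socket.AF_INET6 if ipaddress.ip_address(vip).version == 6 else socket.AF_INET
    txid = int.from_bytes(os.urandom(2), "big")
    # Deliberately NOT connect()ed: a connected UDP socket only receives
    # datagrams from the connected peer, so a reply sent from the NIC address
    # would be dropped and look like a timeout instead of a mismatch.
    with socket.socket(family, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(qname, txid), (vip, port))
        while True:
            data, peer = s.recvfrom(4096)
            # Accept only the answer to our own query (matching transaction id).
            if len(data) >= 2 and struct.unpack("!H", data[:2])[0] == txid:
                return peer[0], same_address(peer[0], vip)


if __name__ == "__main__":
    vip = sys.argv[1]  # the load-balanced service address (VIP) to test
    try:
        src, ok = reply_source(vip)
    except socket.timeout:
        sys.exit(f"no reply to query sent to {vip}")
    print(f"queried {vip}, reply came from {src}: {'OK' if ok else 'MISMATCH'}")
    sys.exit(0 if ok else 1)
```

Run it once against the IPv4 VIP and once against the IPv6 VIP, from a host on the client side of the load balancer; a MISMATCH on IPv6 only reproduces the behaviour reported above.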