Maintained by: NLnet Labs

[Unbound-users] Problem with forward-zone

Ralf Hildebrandt
Thu Jun 19 15:27:47 CEST 2014


I'm at my wits' end. I'm trying to set up unbound on a mail server this
way:

* query internal DNS Servers for internal zones (forward/reverse)
* query special DNS Servers for spamhaus.org
* the rest: do directly

My config:
==========

server:
   auto-trust-anchor-file: "/var/lib/unbound/root.key"
	    
   logfile: "/var/log/unbound.log"
   val-log-level: 2
   verbosity: 1
   use-caps-for-id: yes

forward-zone:
   name: "zen.spamhaus.org."
   forward-addr: 194.95.234.5
   forward-addr: 194.95.238.5

forward-zone:
   name: "charite.de."
   forward-addr: 141.42.1.11
   forward-addr: 141.42.2.22
	    
forward-zone:
   name: "42.141.in-addr.arpa."
   forward-addr: 141.42.1.11
   forward-addr: 141.42.2.22
			
forward-zone:
   name: "10.in-addr.arpa."
   forward-addr: 141.42.1.11
   forward-addr: 141.42.2.22
				    
What's happening:
=================

Forwarding works OK, but on 141.42.2.22 I'm seeing queries in the
query.log:

19-Jun-2014 15:23:05.172 client 141.42.202.200#18055: query: 1.2.3.4.b.baRRACudACEnTRal.org IN A +EDC (141.42.2.22)
19-Jun-2014 15:23:05.342 client 141.42.202.200#51273: query: 1.2.3.4.B.bARRACuDAcENtrAL.ORg IN A +EDC (141.42.2.22)
19-Jun-2014 15:23:05.422 client 141.42.202.200#61743: query: 1.2.3.4.b.BarracUDaCentraL.ORG IN A +EDC (141.42.2.22)
19-Jun-2014 15:23:05.582 client 141.42.202.200#47007: query: 1.2.3.4.b.BArRACudAceNtraL.ORg IN A +EDC (141.42.2.22)

Why are these queries forwarded without any explicit forward-zone
statement?


-- 
Ralf Hildebrandt                   Charite Universitätsmedizin Berlin
ralf.hildebrandt at charite.de        Campus Benjamin Franklin
http://www.charite.de              Hindenburgdamm 30, 12203 Berlin
Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155
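
A check for the situation described in the post, added here as an example and not part of the original message: it parses the forward-zone stanzas and the BIND query-log lines, lowercases names to undo the mixed case that use-caps-for-id produces, and lists queries that reached a forwarder without a forward-zone covering them. The function names are hypothetical, the config is trimmed to two stanzas from the post, and the third log line is constructed.

```python
import re

# Sample input: two forward-zone stanzas and two query.log lines copied from the
# post, plus one constructed log line (mAiL.chARite.DE) that a forward-zone covers.
UNBOUND_CONF = """
forward-zone:
   name: "zen.spamhaus.org."
   forward-addr: 194.95.234.5
   forward-addr: 194.95.238.5
forward-zone:
   name: "charite.de."
   forward-addr: 141.42.1.11
   forward-addr: 141.42.2.22
"""
QUERY_LOG = """\
19-Jun-2014 15:23:05.172 client 141.42.202.200#18055: query: 1.2.3.4.b.baRRACudACEnTRal.org IN A +EDC (141.42.2.22)
19-Jun-2014 15:23:05.342 client 141.42.202.200#51273: query: 1.2.3.4.B.bARRACuDAcENtrAL.ORg IN A +EDC (141.42.2.22)
19-Jun-2014 15:23:06.000 client 141.42.202.200#40000: query: mAiL.chARite.DE IN A +EDC (141.42.2.22)
"""

def canon(name):
    # DNS names compare case-insensitively; lowercasing undoes 0x20 case mixing.
    return name.lower().rstrip(".")

def parse_forward_zones(conf):
    """Map each forward-addr to the set of zone names forwarded to it."""
    zones, in_fwd, current = {}, False, None
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()
        key, _, val = line.partition(":")
        val = val.strip().strip('"')
        if key and val == "":  # clause header such as "server:" or "forward-zone:"
            in_fwd, current = key == "forward-zone", None
        elif in_fwd and key == "name":
            current = canon(val)
        elif in_fwd and key == "forward-addr" and current is not None:
            zones.setdefault(val, set()).add(current)
    return zones

LOG_RE = re.compile(r"client (\S+)#\d+: query: (\S+) IN (\S+) \S+ \((\S+)\)")

def unexpected_queries(conf, log):
    """Return (qname, server) pairs that no forward-zone for that server covers."""
    zones, hits = parse_forward_zones(conf), []
    for _client, qname, _qtype, server in LOG_RE.findall(log):
        q = canon(qname)
        if not any(z == "" or q == z or q.endswith("." + z) for z in zones.get(server, ())):
            hits.append((q, server))
    return hits
```
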