Maintained by: NLnet Labs

[Unbound-users] Problem with forward-zone

Simon Deziel
Mon Jun 30 17:52:19 CEST 2014


On 14-06-28 01:54 PM, Robert Edmonds wrote:
> Ralf Hildebrandt wrote:
>> * Simon Deziel <simon+unbound at sdeziel.info>:
>>> On 14-06-19 09:27 AM, Ralf Hildebrandt wrote:
>>>> Forwarding works OK, but on 141.42.2.22 I'm seeing queries in the
>>>> query.log:
>>>>
>>>> 19-Jun-2014 15:23:05.172 client 141.42.202.200#18055: query: 1.2.3.4.b.baRRACudACEnTRal.org IN A +EDC (141.42.2.22)
>>>> 19-Jun-2014 15:23:05.342 client 141.42.202.200#51273: query: 1.2.3.4.B.bARRACuDAcENtrAL.ORg IN A +EDC (141.42.2.22)
>>>> 19-Jun-2014 15:23:05.422 client 141.42.202.200#61743: query: 1.2.3.4.b.BarracUDaCentraL.ORG IN A +EDC (141.42.2.22)
>>>> 19-Jun-2014 15:23:05.582 client 141.42.202.200#47007: query: 1.2.3.4.b.BArRACudAceNtraL.ORg IN A +EDC (141.42.2.22)
>>>>
>>>> Why are these queries forwarded without any explicit forward-zone
>>>> statement?
>>>
>>> If you are on Debian/Ubuntu you should check if /etc/default/unbound has
>>> RESOLVCONF_FORWARDERS set to true as this would instruct Unbound to use
>>> the nameservers from resolv.conf as forwarders.
> 
> No, this is incorrect.  Nothing in the unbound package reads forwarders
> from /etc/resolv.conf.  If RESOLVCONF_FORWARDERS is set, and the
> resolvconf package is installed, then the non-loopback IPs provided to
> the resolvconf facility will be configured as forwarders for Unbound at
> runtime.

I stand corrected, thanks for the precision.