Maintained by: NLnet Labs

[nsd-users] unbound not accepting a stub or forward pointing to a loopback interface.

Anand Buddhdev
Sat May 21 09:58:04 CEST 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 21/05/16 01:13, Måns Nilsson wrote:

> I initially tried to make nsd listen on 127.0.0.53 using an extra 
> loopback interface (in contrast to a statement by a PFY working at
> a Swedish ISP back in the dotcom bubble days, we feel that we can
> afford loopback interfaces... True story.) and it works. Half-way.
> I can dig @127.0.0.53 and get excellent answers back. But unbound
> refuses to use the address, and returns SERVFAIL.  As soon as I
> make nsd listen on a physical interface on the host and change the
> unbound config accordingly so that it points to that address for
> forwarding/stub address, things start working.

You'll want the following in unbound.conf:

do-not-query-localhost: no

The default is yes, and stops unbound from sending queries to anything
in 127.0.0.0/8 and ::1.

Regards,
Anand
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJXQBULAAoJEBXgoyUMySoFqOMP/jB+5BOgxrQdxfaz3zhNqTfP
a5zFNFjuooKBt816uuSyotFyrAwELmispRTHjxY2eyIypVZWe4naVcRT/YkHVSc3
U9kQP7idxVb9DGP4Lhkmxdj2VyPVNqFDEqBOCyw8bIHois0NhdtmvjGOTj9Qa6gy
Rp7bnkIgkDNYX7QY4vZ57VnkQN8GskJJFAx6DVTeBnj4dMxzJgBw5XALnMkdks1I
tYI/UtaHgxrg7WmryZg96KOgw904X/oM74r97q6/ubPUTBA0O5MRmxQMZSNmtykM
rjK98miehjZ/uPrLnSUwqjNj3jO4BRJvJ1jDmgvAkWRlQtjQ5zGB8kw1LEPUwt+1
WnaCEpefT0cysOgfbrAXl1NncKP+YG046wBD4k31V6RsLdyx89n33g8Xvlt0gszG
iFoyQBqfFmJWxBKCx5BL1bXmpQslZPuaG7HBelr2j5WkxZWsv3uwjpaAKVaqVJDX
LiX7ACfkjgMFsz+7vGFmmPvukjulIQ2udtEu3eCfYRJ/6ebLD6aS+9MIjMHgzMU9
+rYVxKSTwAt/dkmLV816NIqgPrVw8nSmpJhKr0MEnrjfi7e+73y/WLSKQ0pTP86S
mWAOZ+EP9cZHxWdwY1NHDvKQ5EwLcclLIaJO+tQQr0/RmVve0iDAuYV2hCirzm4D
4LT7RnQAhGuIhlPeSfpb
=fb8b
-----END PGP SIGNATURE-----