Maintained by: NLnet Labs

forward-zone: .

M. Piscaer
Thu Nov 24 10:52:27 CET 2016


On 24-11-16 09:08, W.C.A. Wijngaards via Unbound-users wrote:
> Hi Michiel,
> 
> On 23/11/16 21:34, M. Piscaer via Unbound-users wrote:
>> Hi,
>>
>> I try to forward all query's to an central dns resolver.
>>
>> In the config of the unbound service I have the following setting:
>>
>> forward-zone:
>>   name: "com."
>>   forward-addr: 192.168.1.1
>>   forward-addr: 192.168.1.2
>>
>> forward-zone:
>>   name: "."
>>   forward-addr: 192.168.1.1
>>   forward-addr: 192.168.1.2
>>
>> After reloading the unbound service, I only see the .com in de
>> forwarding table:
>>
>> #unbound-control list_forwards
>> com. IN forward: 192.168.1.1 192.168.1.2
> 
> For me, the config works fine, and lists
> . IN forward 192.168.1.1 192.168.1.2
> com. IN forward 192.168.1.1 192.168.1.2
> 
> For you this does not work?  Are you changing the correct config file
> (on some systems you can pick the wrong one)?  If you start unbound with
> (high) verbosity, it'll print the forward zones that are configured at
> startup to the (sys-)log.
> 

After some digging I got the following results:

When start the unbound service with:

#service unbound start or
# /etc/init.d/unbound start

I only see the .com in unbound-control list_forwards and not the . :
# unbound-control list_forwards
com. IN forward: 88.159.1.200 88.159.1.201


When I start unbound -v

# unbound -v
[1479979805] unbound[11635:0] notice: Start of unbound 1.4.22.
Nov 24 10:30:05 unbound[11635:0] debug: creating udp4 socket 127.0.0.1 53
Nov 24 10:30:05 unbound[11635:0] debug: creating tcp4 socket 127.0.0.1 53
Nov 24 10:30:05 unbound[11635:0] debug: creating udp6 socket ::1 53
Nov 24 10:30:05 unbound[11635:0] debug: creating tcp6 socket ::1 53
Nov 24 10:30:05 unbound[11635:0] debug: creating tcp6 socket ::1 8953
Nov 24 10:30:05 unbound[11635:0] debug: creating tcp4 socket 127.0.0.1 8953
Nov 24 10:30:05 unbound[11635:0] debug: switching log to syslog

I see the both forwards.
# unbound-control list_forwards
. IN forward: 88.159.1.200 88.159.1.201
com. IN forward: 88.159.1.200 88.159.1.201

Both forwards are in the same config file.

I don't see any errors, with verbosity: 3

The system is an ubuntu 14.04 and the unbound package is the default
from ubuntu.

When I start unbound with /etc/init.d/unbound start and then

# unbound-control list_forwards
com. IN forward: 88.159.1.200 88.159.1.201

# unbound-control forward_add . 88.159.1.200 88.159.1.201
ok

I see both the forwards
# unbound-control list_forwards
. IN forward: 88.159.1.201 88.159.1.200
com. IN forward: 88.159.1.200 88.159.1.201


Kind regards,

Michiel Piscaer

-- 
Network / System Engineer
Security Officer

E-mail:   m.piscaer at edutel.nl
Telefoon: +31 88 787 0209
Fax:      +31 88 787 0502
Mobiel:   +31 6 16048782
Threema:  PBPCM9X3
PGP:      0x592097DB
W3:       www.edutel.nl