Date: Fri, 01 Jan 2016 18:18:59 +0100 From: =?UTF-8?Q?Sol=C3=A8ne_Rapenne?= <solene@bsd.zplay.eu> To: "C.L. Martinez" <carlopmart@gmail.com> Cc: questions@freebsd.org, owner-freebsd-questions@freebsd.org Subject: Re: SERVFAIL errors with FreeBSD using unbound only Message-ID: <02feeed81ba7d96058df2df5d4b202a3@mail.zplay.eu> In-Reply-To: <5686AFEA.2020501@gmail.com> References: <5686AFEA.2020501@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Le 2016-01-01 17:57, C.L. Martinez a écrit : > Hi all, > > I have configured unbound as a cache nameserver in a FreeBSD 10.2 > amd64 (fully patched) host. At the same time, I am using nsd to > resolve names for my internal hosts. > > But there is a problem: unbound doesn't works/redirect reverse > queries for IP address to nsd daemon. > > My current unbound.conf: > > server: > interface: 127.0.0.1 > interface: 172.21.55.14 > interface: ::1 > do-ip6: no > username: unbound > directory: /var/unbound > chroot: /var/unbound > pidfile: /var/run/local_unbound.pid > auto-trust-anchor-file: /var/unbound/root.key > access-control: 0.0.0.0/0 refuse > access-control: 127.0.0.0/8 allow > access-control: 172.21.55.0/28 allow > access-control: ::0/0 refuse > access-control: ::1 allow > hide-identity: yes > hide-version: yes > do-not-query-localhost: no > > > include: /var/unbound/forward.conf > #include: /var/unbound/lan-zones.conf > include: /var/unbound/control.conf > #include: /var/unbound/conf.d/*.conf > > stub-zone: > name: "mydom.org" > stub-addr: 127.0.0.1@5353 > > stub-zone: > name: "21.172.in-addr.arpa" > stub-addr: 127.0.0.1@5353 > > > nsd is listening on localhost, port 5353. When I try to do some > reverse query from a linux client: > > [root@cstbbvn01 ~]# nslookup >> 172.21.55.14 > Server: 172.21.55.14 > Address: 172.21.55.14#53 > > ** server can't find 14.55.21.172.in-addr.arpa: SERVFAIL >> 172.21.55.1 > Server: 172.21.55.14 > Address: 172.21.55.14#53 > > ** server can't find 1.55.21.172.in-addr.arpa: SERVFAIL >> exit > > > Every time, a servfail is displayed. All other queries works ok. > Disabling unbound and using nsd only, all works ok also. > > Then, what am I doing wrong with unbound?? > > Thanks. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" Hi, You should add this in your unbound config file : local-zone: 21.172.in-addr.arpa. transparent Also, I am using unbound + nsd and in my config file I have forward-addr instead of stub-zone but I don't remember the difference, and as far as I remember I was using stub-zone before and it was working.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?02feeed81ba7d96058df2df5d4b202a3>