From owner-freebsd-questions@FreeBSD.ORG  Tue Mar 25 10:39:05 2014
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 698828AA
 for <freebsd-questions@freebsd.org>; Tue, 25 Mar 2014 10:39:05 +0000 (UTC)
Received: from smtp.fagskolen.gjovik.no (smtp.fagskolen.gjovik.no
 [IPv6:2001:700:1100:1:200:ff:fe00:b])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 085318E6
 for <freebsd-questions@freebsd.org>; Tue, 25 Mar 2014 10:39:04 +0000 (UTC)
Received: from mail.fig.ol.no (localhost [127.0.0.1])
 by mail.fig.ol.no (8.14.7/8.14.7) with ESMTP id s2PAcvrY047483
 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
 Tue, 25 Mar 2014 11:38:57 +0100 (CET)
 (envelope-from trond@fagskolen.gjovik.no)
Received: from localhost (trond@localhost)
 by mail.fig.ol.no (8.14.7/8.14.7/Submit) with ESMTP id s2PAcveH047480;
 Tue, 25 Mar 2014 11:38:57 +0100 (CET)
 (envelope-from trond@fagskolen.gjovik.no)
X-Authentication-Warning: mail.fig.ol.no: trond owned process doing -bs
Date: Tue, 25 Mar 2014 11:38:57 +0100 (CET)
From: =?ISO-8859-1?Q?Trond_Endrest=F8l?= <Trond.Endrestol@fagskolen.gjovik.no>
Sender: Trond.Endrestol@fagskolen.gjovik.no
To: Ewald Jenisch <a@jenisch.at>
Subject: Re: No DNS-resolution after going to "unbound"
In-Reply-To: <20140325103304.GA1621@aurora.oekb.co.at>
Message-ID: <alpine.BSF.2.00.1403251137380.56113@mail.fig.ol.no>
References: <20140325103304.GA1621@aurora.oekb.co.at>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
Organization: Fagskolen Innlandet
OpenPGP: url=http://fig.ol.no/~trond/trond.key
MIME-Version: 1.0
X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED
 autolearn=unavailable version=3.3.2
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on mail.fig.ol.no
Content-Type: TEXT/PLAIN; charset=ISO-8859-1
Content-Transfer-Encoding: 8BIT
X-Content-Filtered-By: Mailman/MimeDel 2.1.17
Cc: freebsd-questions@freebsd.org
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Mar 2014 10:39:05 -0000

On Tue, 25 Mar 2014 11:33+0100, Ewald Jenisch wrote:

> 
> Hi,
> 
> Since by default FreeBSD 10 uses "unbound" as standard DNS-server I
> wanted to set up my system (FreeBSD 10, 64bit with kernel/system
> current as per Mar 19) to run a local caching DNS-server using
> unbound.
> 
> So I went ahead and proceeded as per
> https://wiki.freebsd.org/WhatsNew/FreeBSD10 which in turn points to
> http://blog.des.no/2013/09/local-caching-resolver-in-freebsd-10/ i.e.
> 
> # echo local_unbound_enable=yes >>/etc/rc.conf
> # service local_unbound start
> 
> As a result my /etc/resolv.conf has 
> 
> nameserver 127.0.0.1
> options edns0
> 
> which seems correct and 
> 
> # sockstat -4 | grep unbound
> unbound  unbound    3719  5  udp4   127.0.0.1:53          *:*
> unbound  unbound    3719  6  tcp4   127.0.0.1:53          *:*
> # 
> 
> and /etc/unbound/unbound.conf is
> 
> # Generated by local-unbound-setup
> server:
>         username: unbound
>         directory: /var/unbound
>         chroot: /var/unbound
>         pidfile: /var/run/local_unbound.pid
>         auto-trust-anchor-file: /var/unbound/root.key
>         verbosity: 1
> 
> include: /var/unbound/forward.conf
> # 

What's your /var/unbound/forward.conf like? Does its contents make 
sense?

> However whatever name I try to resolve doesn't work:
> 
> 
> # ping www.cisco.com
> ping: cannot resolve www.cisco.com: Host name lookup failure
> #
> 
> 
> # drill www.cnn.com
> ;; ->>HEADER<<- opcode: QUERY, rcode: SERVFAIL, id: 46336
> ;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 
> ;; QUESTION SECTION:
> ;; www.cnn.com. IN      A
> 
> ;; ANSWER SECTION:
> 
> ;; AUTHORITY SECTION:
> 
> ;; ADDITIONAL SECTION:
> 
> ;; Query time: 126 msec
> ;; SERVER: 127.0.0.1
> ;; WHEN: Tue Mar 25 11:29:39 2014
> ;; MSG SIZE  rcvd: 29
> #
> 
> 
> BTW - no firewall etc. in place, just set up the Box from scratch,
> updated kernel/system and then wanted to switch to a local caching
> DNS-server using unbound.
> 
> 
> Has anybody out there experienced the same problems? Any known cure
> against it?
> 
> 
> Thanks much in advance for any clue,
> -ewald

-- 
+-------------------------------+------------------------------------+
| Vennlig hilsen,               | Best regards,                      |
| Trond Endrestøl,              | Trond Endrestøl,                   |
| IT-ansvarlig,                 | System administrator,              |
| Fagskolen Innlandet,          | Gjøvik Technical College, Norway,  |
| tlf. mob.   952 62 567,       | Cellular...: +47 952 62 567,       |
| sentralbord 61 14 54 00.      | Switchboard: +47 61 14 54 00.      |
+-------------------------------+------------------------------------+