Date: Mon, 14 May 2018 06:09:14 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 228210] 11.2-BETA1 - DNS resolution does not work with local_unbound; cannot ping with local_unbound disabled Message-ID: <bug-228210-7501-AiT5PnZawY@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-228210-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-228210-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D228210 Dag-Erling Sm=C3=B8rgrav <des@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|New |Open Assignee|net@FreeBSD.org |des@FreeBSD.org --- Comment #1 from Dag-Erling Sm=C3=B8rgrav <des@FreeBSD.org> --- What that configuration line does is disable DNSSEC, which is half the poin= t of running Unbound in the first place. There is absolutely no difference in Unbound between 11.0-R, 11.1-R and 11.= 1-S. Not a single line of code. If it worked on one but not on the other, there were differences in your environment. There is also no way Unbound or its absence can prevent you from sending or receiving packets. I suggest using `traceroute -n` instead of or in addition to `ping`; it will show you not only whether the target is reachable, but where the problem li= es.=20 Let it run for at least 30 seconds before interrupting it, and if it shows = even *one* line with actual numbers instead of =E2=80=9C* * *=E2=80=9D, the prob= lem is not on your own machine but somewhere upstream. The following assumes that you are on a dynamically configured IPv4 network. When Unbound doesn't seem to be working, start by checking that the latest stanza in /var/db/dhclient.leases.<interface-name> is recent (the =E2=80=9C= renew=E2=80=9D, =E2=80=9Crebind=E2=80=9D and =E2=80=9Cexpire=E2=80=9D dates are all in the = future) and that it contains an =E2=80=9Coption domain-name-servers=E2=80=9D line. Try that IP address wit= h drill(8). If it doesn't respond, then your network is misconfigured. Check that the address you got in the previous step matches the =E2=80=9Cfo= rward-addr=E2=80=9D line in /var/unbound/forward.conf. If it doesn't, there is something wrong with dhclient(8) or resolvconf(8). Try to edit forward.conf yourself and restart the local_unbound service. Run `netstat -4rn | grep default` and check that it matches the address on = the =E2=80=9Coption routers=E2=80=9D line in dhclient.leases. Run `route -4n g= et <nameserver-address>` and check that the =E2=80=9Cinterface=E2=80=9D line s= hows your external network interface and that the =E2=80=9Cgateway=E2=80=9D line shows the sam= e address that you got from netstat(8) earlier. Try `service netif restart <interface> && ser= vice dhclient restart <interface>`. If none of the above works, send me a detailed log of all the commands that= you tried and their output, as well as the last stanza from dhclient.leases and= the full output from `ifconfig -v` and `netstat -4rn`. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-228210-7501-AiT5PnZawY>