From owner-freebsd-net@freebsd.org Mon May 14 06:15:02 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6C19BFDAE50 for ; Mon, 14 May 2018 06:15:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 247DE81CCC for ; Mon, 14 May 2018 06:15:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id DCF44FDAE3B; Mon, 14 May 2018 06:15:01 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A00ACFDAE28 for ; Mon, 14 May 2018 06:15:01 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D2E7D7F7A7 for ; Mon, 14 May 2018 06:09:15 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id DC67C8243 for ; Mon, 14 May 2018 06:09:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w4E69Eac012800 for ; Mon, 14 May 2018 06:09:14 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w4E69ErM012792 for net@FreeBSD.org; Mon, 14 May 2018 06:09:14 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 228210] 11.2-BETA1 - DNS resolution does not work with local_unbound; cannot ping with local_unbound disabled Date: Mon, 14 May 2018 06:09:14 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: misc X-Bugzilla-Version: 11.1-STABLE X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: des@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: des@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_status assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 May 2018 06:15:02 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D228210 Dag-Erling Sm=C3=B8rgrav changed: What |Removed |Added ---------------------------------------------------------------------------- Status|New |Open Assignee|net@FreeBSD.org |des@FreeBSD.org --- Comment #1 from Dag-Erling Sm=C3=B8rgrav --- What that configuration line does is disable DNSSEC, which is half the poin= t of running Unbound in the first place. There is absolutely no difference in Unbound between 11.0-R, 11.1-R and 11.= 1-S. Not a single line of code. If it worked on one but not on the other, there were differences in your environment. There is also no way Unbound or its absence can prevent you from sending or receiving packets. I suggest using `traceroute -n` instead of or in addition to `ping`; it will show you not only whether the target is reachable, but where the problem li= es.=20 Let it run for at least 30 seconds before interrupting it, and if it shows = even *one* line with actual numbers instead of =E2=80=9C* * *=E2=80=9D, the prob= lem is not on your own machine but somewhere upstream. The following assumes that you are on a dynamically configured IPv4 network. When Unbound doesn't seem to be working, start by checking that the latest stanza in /var/db/dhclient.leases. is recent (the =E2=80=9C= renew=E2=80=9D, =E2=80=9Crebind=E2=80=9D and =E2=80=9Cexpire=E2=80=9D dates are all in the = future) and that it contains an =E2=80=9Coption domain-name-servers=E2=80=9D line. Try that IP address wit= h drill(8). If it doesn't respond, then your network is misconfigured. Check that the address you got in the previous step matches the =E2=80=9Cfo= rward-addr=E2=80=9D line in /var/unbound/forward.conf. If it doesn't, there is something wrong with dhclient(8) or resolvconf(8). Try to edit forward.conf yourself and restart the local_unbound service. Run `netstat -4rn | grep default` and check that it matches the address on = the =E2=80=9Coption routers=E2=80=9D line in dhclient.leases. Run `route -4n g= et ` and check that the =E2=80=9Cinterface=E2=80=9D line s= hows your external network interface and that the =E2=80=9Cgateway=E2=80=9D line shows the sam= e address that you got from netstat(8) earlier. Try `service netif restart && ser= vice dhclient restart `. If none of the above works, send me a detailed log of all the commands that= you tried and their output, as well as the last stanza from dhclient.leases and= the full output from `ifconfig -v` and `netstat -4rn`. --=20 You are receiving this mail because: You are the assignee for the bug.=