On fresh 11.1 install, unbound(8) config is totally non-functional

Ronald F. Guilmette rfg at tristatelogic.com
Fri Oct 13 20:20:18 UTC 2017 

Greetings all,

I've just done a fresh install of 11.1-RELEASE onto a fresh/wiped drive
and now I'm just trying to get things tweeked to my liking, and get
everything working that should be working.

At the moment, the one and only thing that isn't working that should be
working is the "unbound" local caching resolver.  I've checked (via ps)
and I've seen that the thing -is- quite definitely running, but it
seems to be yielding only SERVFAIL for any and all queries sent to it
(from the local machine) which is really rather a show stopper.

I'm at a great disadvantage with respect to this problem, because although
I do know a fair amount about DNS generally, I never even knew of the
existance of the unbound caching resolver until the day before yesterday.
(I saw an option to enable in in the install menus and I just figured
that I would give it a try.)

In short, I'm totally ignorant about unbound, and about how to configure
it properly.  I also have no idea how to even start to "debug" this
glaring problem.

It appears that a set of tools which were run at install time have
pre-generated a set of .conf files for unbound.  Also, this other
new thing that I also have no experience with, resolvconf, has generated
an /etc/resolv.conf file for me.  But I am forced to assume that something
is broken in one or more of these .conf files, and that that something is
preventing the unbound dameon from doing its job.  I just have no idea
where to begin or how to figure out what the problem is.

I did try inserting the following additional lines into my local
/var/unbound/unbound.conf file, under the server: section, but these
appear to have had no effect, even after a reboot:

	verbosity: 3
	logfile: /var/log/unbound.log
	log-time-ascii: yes

(Note:  I *did* pre-create the file /var/log/unbound.log and did a chown
to user "unbound" before the reboot, but there's still nothing in it.)

So anyway, if anybody on this list is willing to help me to sort out these
problems with unbound, I sure would appreciate it.  There's obviously a
lot about it I don't understand, not the least of which is why I seem to
be unable to even get it to do some logging (which might help me to figure
out the problem(s), i.e. if at least that were working).

And help or advice appreciated.

More information about the freebsd-net mailing list