[Bug 228210] 11.2-BETA1 - DNS resolution does not work with local_unbound; cannot ping with local_unbound disabled

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Mon May 14 06:15:02 UTC 2018


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228210

Dag-Erling Smørgrav <des at FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|New                         |Open
           Assignee|net at FreeBSD.org             |des at FreeBSD.org

--- Comment #1 from Dag-Erling Smørgrav <des at FreeBSD.org> ---
What that configuration line does is disable DNSSEC, which is half the point of
running Unbound in the first place.

There is absolutely no difference in Unbound between 11.0-R, 11.1-R and 11.1-S.
 Not a single line of code.  If it worked on one but not on the other, there
were differences in your environment.

There is also no way Unbound or its absence can prevent you from sending or
receiving packets.

I suggest using `traceroute -n` instead of or in addition to `ping`; it will
show you not only whether the target is reachable, but where the problem lies. 
Let it run for at least 30 seconds before interrupting it, and if it shows even
*one* line with actual numbers instead of “* * *”, the problem is not on your
own machine but somewhere upstream.

The following assumes that you are on a dynamically configured IPv4 network.

When Unbound doesn't seem to be working, start by checking that the latest
stanza in /var/db/dhclient.leases.<interface-name> is recent (the “renew”,
“rebind” and “expire” dates are all in the future) and that it contains an
“option domain-name-servers” line.  Try that IP address with drill(8).  If it
doesn't respond, then your network is misconfigured.

Check that the address you got in the previous step matches the “forward-addr”
line in /var/unbound/forward.conf.  If it doesn't, there is something wrong
with dhclient(8) or resolvconf(8).  Try to edit forward.conf yourself and
restart the local_unbound service.

Run `netstat -4rn | grep default` and check that it matches the address on the
“option routers” line in dhclient.leases.  Run `route -4n get
<nameserver-address>` and check that the “interface” line shows your external
network interface and that the “gateway” line shows the same address that you
got from netstat(8) earlier.  Try `service netif restart <interface> && service
dhclient restart <interface>`.

If none of the above works, send me a detailed log of all the commands that you
tried and their output, as well as the last stanza from dhclient.leases and the
full output from `ifconfig -v` and `netstat -4rn`.

-- 
You are receiving this mail because:
You are the assignee for the bug.
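The first two checks described in the comment above (is the newest lease stanza still valid, and do its nameservers match the `forward-addr` lines), written as a script. This is an added example, not part of the bug report or of FreeBSD; the function names and the `em0` interface name are assumptions, and lease timestamps are assumed to be written in UTC.

```shell
#!/bin/sh
# Added example (not from the bug report): compare the newest dhclient lease
# with Unbound's forwarders. Function names here are hypothetical.

# Print one field of the LAST lease stanza. usage: last_lease FILE dns|expire
last_lease() {
    awk -v want="$2" '
        $1 == "lease" { v["dns"] = v["expire"] = "" }   # new stanza: drop older data
        { gsub(/[;,]/, " ") }                           # strip ";" and split "a,b"
        $1 == "option" && $2 == "domain-name-servers" { $1 = $2 = ""; v["dns"] = $0 }
        $1 == "expire" {                                # expire <wday> Y/M/D h:m:s
            split($3, d, "/"); split($4, t, ":")
            v["expire"] = sprintf("%04d%02d%02d%02d%02d%02d",
                                  d[1], d[2], d[3], t[1], t[2], t[3])
        }
        END { print v[want] }
    ' "$1"
}

# Print every forward-addr value (any "@port" suffix or comment is dropped).
forward_addrs() {
    sed -n 's/^[[:space:]]*forward-addr:[[:space:]]*\([^[:space:]#@]*\).*/\1/p' "$1"
}

# Return 0 when the newest lease is unexpired and each nameserver it offers is
# a forward-addr; otherwise print one line per problem and return 1.
check_resolver() {   # usage: check_resolver LEASES FORWARD_CONF [NOW]
    now=${3:-$(date -u +%Y%m%d%H%M%S)}   # assumption: lease times are UTC
    expire=$(last_lease "$1" expire)
    servers=$(last_lease "$1" dns)
    rc=0 found=0
    if [ -z "$expire" ] || [ "$expire" -le "$now" ]; then
        echo "stale: newest lease has expired or has no expire line"; rc=1
    fi
    for ns in $servers; do
        found=1
        forward_addrs "$2" | grep -qxF -- "$ns" ||
            { echo "mismatch: $ns is not a forward-addr"; rc=1; }
    done
    [ "$found" -eq 1 ] || { echo "lease has no domain-name-servers option"; rc=1; }
    return $rc
}

# e.g. sh check.sh /var/db/dhclient.leases.em0 /var/unbound/forward.conf
if [ $# -ge 2 ]; then check_resolver "$@"; fi
```

A "mismatch" line points at dhclient(8) or resolvconf(8), as the comment says; a "stale" line means the lease itself needs renewing before anything else is worth checking.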

