SERVFAIL errors with FreeBSD using unbound only
C.L. Martinez
carlopmart at gmail.com
Fri Jan 1 16:57:18 UTC 2016
Hi all,
I have configured unbound as a cache nameserver in a FreeBSD 10.2
amd64 (fully patched) host. At the same time, I am using nsd to resolve
names for my internal hosts.
But there is a problem: unbound doesn't redirect reverse queries
for IP addresses to the nsd daemon.
My current unbound.conf:
server:
    interface: 127.0.0.1
    interface: 172.21.55.14
    interface: ::1
    do-ip6: no
    username: unbound
    directory: /var/unbound
    chroot: /var/unbound
    pidfile: /var/run/local_unbound.pid
    auto-trust-anchor-file: /var/unbound/root.key
    access-control: 0.0.0.0/0 refuse
    access-control: 127.0.0.0/8 allow
    access-control: 172.21.55.0/28 allow
    access-control: ::0/0 refuse
    access-control: ::1 allow
    hide-identity: yes
    hide-version: yes
    do-not-query-localhost: no
include: /var/unbound/forward.conf
#include: /var/unbound/lan-zones.conf
include: /var/unbound/control.conf
#include: /var/unbound/conf.d/*.conf
stub-zone:
    name: "mydom.org"
    stub-addr: 127.0.0.1@5353
stub-zone:
    name: "21.172.in-addr.arpa"
    stub-addr: 127.0.0.1@5353
nsd is listening on localhost, port 5353. When I try to do a reverse
query from a Linux client:
[root@cstbbvn01 ~]# nslookup
> 172.21.55.14
Server: 172.21.55.14
Address: 172.21.55.14#53
** server can't find 14.55.21.172.in-addr.arpa: SERVFAIL
> 172.21.55.1
Server: 172.21.55.14
Address: 172.21.55.14#53
** server can't find 1.55.21.172.in-addr.arpa: SERVFAIL
> exit
Every time, a SERVFAIL is displayed. All other queries work ok.
Disabling unbound and using nsd only, all works ok also.
Then, what am I doing wrong with unbound??
Thanks.
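
For a stub zone that is served locally, unbound.conf(5) suggests adding domain-insecure and local-zone ... nodefault to the server: section, so that DNSSEC validation and the built-in filtering of RFC 1918 reverse zones do not apply to it. The Python check below is an added example, not part of the original post: it reads a configuration shaped like the one above (the sample is constructed from it; audit_stub_zones and the other names are hypothetical) and lists which of those lines each stub zone lacks.

```python
import re

# Constructed sample: the validation and stub-zone lines of the posted config.
SAMPLE_CONF = """\
server:
    auto-trust-anchor-file: /var/unbound/root.key
stub-zone:
    name: "mydom.org"
    stub-addr: 127.0.0.1@5353
stub-zone:
    name: "21.172.in-addr.arpa"
    stub-addr: 127.0.0.1@5353
"""

# RFC 1918 reverse zones that unbound answers itself by default (unbound.conf(5)).
RFC1918 = re.compile(r"(?:^|\.)(10|168\.192|(?:1[6-9]|2\d|3[01])\.172)\.in-addr\.arpa$")

def _norm(name):
    return name.strip().strip('"').rstrip(".").lower()

def rfc1918_default_zone(zone):
    m = RFC1918.search(zone)
    return m.group(1) + ".in-addr.arpa" if m else None

def audit_stub_zones(conf_text):
    """Map each stub zone to the suggested server: lines that are absent."""
    clause, stubs, insecure, unfiltered = None, [], set(), set()
    for raw in conf_text.splitlines():  # include: files are not followed
        key, _, value = (s.strip() for s in raw.split("#", 1)[0].partition(":"))
        if key and not value:
            clause = key  # clause header such as server: or stub-zone:
        elif clause == "stub-zone" and key == "name":
            stubs.append(_norm(value))
        elif clause == "server" and key == "domain-insecure":
            insecure.add(_norm(value))
        elif clause == "server" and key == "local-zone":
            parts = value.rsplit(None, 1)
            if len(parts) == 2 and parts[1] in ("nodefault", "transparent"):
                unfiltered.add(_norm(parts[0]))
    report = {}
    for zone in stubs:
        missing = []
        if not any(zone == d or zone.endswith("." + d) for d in insecure):
            missing.append('domain-insecure: "%s"' % zone)
        default = rfc1918_default_zone(zone)
        if default and default not in unfiltered:
            missing.append('local-zone: "%s." nodefault' % default)
        report[zone] = missing
    return report
```

An empty list for a zone means both suggested lines are already present in the text that was parsed.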