local unbound SERVFAIL without visible reason
Frank Shute
frank at woodcruft.co.uk
Thu Jun 30 16:29:35 UTC 2016
On Wed, Jun 29, 2016 at 12:06:29PM +0200, Nagy Lszl Zsolt wrote:
>
> System: FreeBSD 10.2-RELEASE
>
> /etc/rc.conf contains:
>
> local_unbound_enable="yes"
>
> My forwarders are: 80.249.168.18 and 87.229.108.201
>
> Unbound seems to be running and listening:
>
> # sockstat -l4 | grep :53
> unbound unbound 69063 5 udp4 127.0.0.1:53 *:*
> unbound unbound 69063 6 tcp4 127.0.0.1:53 *:*
>
> Ports are open to the world (but they should not be):
>
> # ipfw show | grep 2025
> 02025 12 750 allow udp from any to me dst-port 53
> 02025 0 0 allow tcp from any to me dst-port 53
>
> Forwarder was setup correctly:
>
> # cat /var/unbound/forward.conf
> forward-zone:
> name: .
> forward-addr: 80.249.168.18
> forward-addr: 87.229.108.201
I've got this in unbound.conf:
forward-zone:
name: "."
forward-addr: 8.8.4.4 # Google
forward-addr: 8.8.8.8 # Google
Note that the period is quoted; maybe that's the problem.
>
> But it is not working!
>
> # host google.com 127.0.0.1
> Using domain server:
> Name: 127.0.0.1
> Address: 127.0.0.1#53
> Aliases:
>
> Host google.com not found: 2(SERVFAIL)
>
> It DOES work with any of the forwarders:
>
> # host google.com 80.249.168.18
> Using domain server:
> Name: 80.249.168.18
> Address: 80.249.168.18#53
> Aliases:
>
> google.com has address 216.58.209.206
> google.com has IPv6 address 2a00:1450:4001:810::200e
> google.com mail is handled by 30 alt2.aspmx.l.google.com.
> google.com mail is handled by 20 alt1.aspmx.l.google.com.
> google.com mail is handled by 40 alt3.aspmx.l.google.com.
> google.com mail is handled by 50 alt4.aspmx.l.google.com.
> google.com mail is handled by 10 aspmx.l.google.com.
>
> There is no error message in log/messages.
By default, unbound uses syslog. In the server section of unbound.conf(5), I
set:
verbosity: 1
which spits out any errors to: /var/log/debug.log
You can crank verbosity up to 4 but it shouldn't be necessary.
>
> How should I find the problem?
>
HTH.
Regards,
--
Frank
https://woodcruft.co.uk/
More information about the freebsd-questions
mailing list