[prev in list] [next in list] [prev in thread] [next in thread]
List: freebsd-jail
Subject: Re: FreeBSD 10 + unbound + jail == nothing resolves
From: Marc Fournier <scrappy () hub ! org>
Date: 2014-08-14 16:52:28
Message-ID: FA76D42A-089E-40CD-87D0-58595B3CF593 () hub ! org
[Download RAW message or body]
Damn, missed the /var/log/debug.log file … had been monitoring /var/log/messsages … \
in /var/log/debug.log, I get:
Aug 14 17:45:36 97381 unbound: [98857:0] debug: refused query from ip4 200.46.208.99 \
port 61092 (len 16)
Aug 14 17:45:36 97381 unbound: [98857:0] debug: refuse[53:0] \
124D0100000100000000000102363602373202333802353007696E2D61646472046172706100000C0001000029FFFF000000000000
before and after disabling DNSSEC … got it, had to add:
access-control: 200.46.208.99/32 allow
now it resolves fine …
thx
On Aug 14, 2014, at 08:17 , Ruben van Staveren <ruben@verweg.com> wrote:
>
> Marc,
>
> can you try to disable DNSSEC?
>
> http://www.unbound.net/documentation/howto_turnoff_dnssec.html
>
> (and add val-log-level: 2)
>
> it might be that your upstream nameserver botches DNSSEC reply. To keep DNSSEC, \
> uncomment inclusion of the generated forwarder configuration and have unbound query \
> the root nameservers itself.
> Cheers,
> Ruben
>
>
> On 14 Aug 2014, at 8:48, Marc Fournier <scrappy@hub.org> wrote:
>
> >
> > Before I give up and just install bind (which I’d really like to avoid doing, but \
> > it did work out of the box) … has anyone gotten this to run?
> > I’ve searched Google, and can find next to nothing … but I have to be missing \
> > something obvious, else I would expect to find loads … or nobody is acutally \
> > doing this …
> > I tried the simple:
> >
> > add local_unbound_enable=“YES” to rc.conf
> > start up the service
> >
> > it modifies my /etc/resolv.conf, starts up, but when I try to ‘drill’ a domain, \
> > I get nothing back … checked /var/log/messages, only thing I see is what appears \
> > to be the start up:
> > Aug 14 07:19:02 97381 unbound: [44840:0] notice: init module 0: validator
> > Aug 14 07:19:02 97381 unbound: [44840:0] notice: init module 1: iterator
> >
> >
> > I’ve even tried running from the command line with ‘-d -vv’, and all I get is:
> >
> > /var/unbound # /usr/sbin/unbound -c/var/unbound/unbound.conf -d -vv
> > [1407997717] unbound[45554:0] notice: Start of unbound 1.4.20.
> > [1407997717] unbound[45554:0] debug: switching log to syslog
> >
> > I have it running on the host server, and it responsed perfectly well … I’ve \
> > tried changing the ‘namserver’ setting in /etc/resolv.conf to be the IP of the \
> > jail, vs localhost … as well as setting ‘interfaces’ in /var/unbound/unbound.conf \
> > … no difference …
> > Help?
> >
> >
> >
> > _______________________________________________
> > freebsd-jail@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-jail
> > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org"
> >
>
_______________________________________________
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org"
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic