<div dir="ltr">even when i add your access config line:<div><br></div><div><span style="font-family:monospace"><span style="font-weight:bold;color:rgb(255,84,84)">supabunka</span><span style="font-weight:bold;color:rgb(84,84,255)"> /etc/unbound #</span><span style="color:rgb(0,0,0)"> dig @<a href="http://192.168.110.250">192.168.110.250</a> <a href="http://heise.de">heise.de</a>
</span><br>
<br>; <<>> DiG 9.16.15 <<>> @<a href="http://192.168.110.250">192.168.110.250</a> <a href="http://heise.de">heise.de</a>
<br>; (1 server found)
<br>;; global options: +cmd
<br>;; Got answer:
<br>;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 21149
<br>;; flags: qr rd ad; QUERY: 0, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
<br>;; WARNING: recursion requested but not available
<br>
<br>;; Query time: 0 msec
<br>;; SERVER: 192.168.110.250#53(192.168.110.250)
<br>;; WHEN: Wed Nov 10 16:50:37 CET 2021
<br>;; MSG SIZE  rcvd: 12<br></span></div><div><span style="font-family:monospace"><br></span></div><div><span style="font-family:monospace"><br></span></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">Am Mi., 10. Nov. 2021 um 16:48 Uhr schrieb George Thessalonikefs via Unbound-users <<a href="mailto:unbound-users@lists.nlnetlabs.nl">unbound-users@lists.nlnetlabs.nl</a>>:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi Johannes,<br>
<br>
Unbound by default only listens on localhost.<br>
You would need to configure 'access-control:' to allow client netblocks <br>
to query Unbound.<br>
<br>
 From your example I guess that something like<br>
        access-control: <a href="http://192.168.0.0/16" rel="noreferrer" target="_blank">192.168.0.0/16</a> allow<br>
would allow most of your clients to connect.<br>
<br>
Best regards,<br>
-- George<br>
<br>
On 10/11/2021 16:39, Johannes B. Kernel via Unbound-users wrote:<br>
> hello list,<br>
> <br>
> unbound refuses all requests on my machine.<br>
> google dns server works fine, tested already.<br>
> <br>
> <br>
> my unbound.conf looks like:<br>
> <br>
> server:<br>
> <br>
> statistics-cumulative: yes<br>
> extended-statistics: yes<br>
> log-queries: yes<br>
> log-servfail: yes<br>
> verbosity: 9<br>
> val-log-level: 2<br>
> <br>
> interface: 192.168.100.250<br>
> interface: 116.202.87.165<br>
> interface: 192.168.120.251<br>
> interface: 192.168.110.250<br>
> <br>
> outgoing-interface: 192.168.100.250<br>
> outgoing-interface: 192.168.110.250<br>
> outgoing-interface: 192.168.120.251<br>
> outgoing-interface: 116.202.87.165<br>
> num-threads: 2<br>
> <br>
> include: /etc/unbound/unbound.conf.d/name_solving.conf<br>
> include: /etc/unbound/unbound.conf.d/privacy_options.conf<br>
> include: /etc/unbound/unbound.conf.d/cache_options.conf<br>
> include: /etc/unbound/unbound.conf.d/dnssec_options.conf<br>
> include: /etc/unbound/unbound.conf.d/blacklist.conf<br>
> include: /etc/unbound/unbound.conf.d/local_names.conf<br>
> include: /etc/unbound/unbound.conf.d/opennic_names.conf<br>
> include: /etc/unbound/unbound.conf.d/forwarders.conf<br>
> <br>
> remote-control:<br>
>        control-enable: yes<br>
> <br>
> <br>
> can anyone help with am idea?<br>
> <br>
> best regards<br>
> marko<br>
</blockquote></div>