[nsd-users] unbound not accepting a stub or forward pointing to a loopback interface.

Fredrik Pettai pettai at nordu.net
Sat May 21 16:10:15 UTC 2016


Hej Måns,

> On 21 May 2016, at 01:13, Måns Nilsson <mansaxel at besserwisser.org> wrote:
> 
> Greetings, 
> 
> I've got a resolve server setup, using OpenBSD, unbound, and nsd. (hence the crosspost)
> 
> The setup is as follows; 
> 
> […]
> 
> Is this an issue in unbound or OpenBSD (5.9)? 

We have an almost similar setup on some of our servers, and it works fine (on Debian).
I saw others already gave the hint what’s needs to be configured for this to work.

> Bonus question: Forward or Stub? I never really got through to understand
> the differences ;-)

Stub is for local zone(s) in unbound (unless something changed last time I looked)
Simpler and preferred if you can use that I’d say...

The reason for us to choose forward to local nsd was that the zone(s) served
locally from nsd was updated several time from the master (the master is not under our control),
so doing timely zone transfers was a pre-req.
And forwarding allows for the use of "forward-first" option in unbound (which we use),
which allows unbound to fallback to the zone(s) served by name servers on Internet
if our local cache would fail for some reason... 

Re,
/P




More information about the nsd-users mailing list