[Unbound-users] BINDs views in unbound
artis.caune at gmail.com
Fri Mar 27 11:34:22 UTC 2009
2009/3/27 W.C.A. Wijngaards <wouter at nlnetlabs.nl>:
> This is because you bound the second unbound only to 127.0.0.1 and from
> there it cannot sendmsg back to client.
> use interface: 0.0.0.0
> or interface-automatic: yes
> Don't forget to pf so only internal network can reach port 54 directly,
> and give your second unbound access-control for your internal network.
I was already using interface-automatic:
Now I changed interface to 0.0.0.0, ::0, disabled interface-automatic,
changed redirect from 127.0.0.1 to public ip and it works, thanks.
I have another strange problem, unbound is freezing and not answering
queries. It happened two times. I can not restart it.
It just prints
info: service stopped (unbound 1.2.1)
and I have to send KILL signal to it.
It happens often when I restart unbound. top shows it's in umtxn state:
10784 59 4 47 0 539M 479M umtxn 0 2:20 0.00% unbound
> Unbound tries to disable ipv4 to ipv6 mapping. But this still happened.
> It tries to send back, but the OS doesn't like it. This should not
> happen with the default config, this is for your first unbound? What is
> its config?
> For this also, interface-automatic: yes may solve it (it actually
> enables the mapping and uses it...). Or some config changes. Or
> disable ipv4toipv6-mapping-by-default with some FreeBSD sysctl; unbound
> tries to set a socket option but the kernel does not seem to honor it.
I'll check ipv6 options.
I use interface-automatic, without it unbound reply with another ip address:
;; reply from unexpected source: 220.127.116.11#53, expected 18.104.22.168#53
yes, this is my firs unbound :)
out setup is (average 1-2K qps):
interface bce0: 22.214.171.124, alias 126.96.36.199
interface bce1: only ipv6 address
unbound config is:
access-control: 0.0.0.0/0 allow
access-control: ::0/0 allow
<----. CCNA | BSDA
<----' didii FreeBSD
More information about the Unbound-users