[Unbound-users] forward zone order
Will Yardley
unbound at veggiechinese.net
Thu Jan 8 21:30:12 UTC 2015
To give a more specific example of the behavior I'm seeing, I'm seeing
certain queries fail completely when one of the two forwarders is not
responding.
Unbound is RHEL 6 version (1.4.22).
[in my config; note - unbound-control doesn't seem to list the port]
forward-zone:
name: "sbl-xbl.spamhaus.org"
forward-addr: 127.0.0.1 at 3768
forward-addr: 131.215.239.55
# unbound-control list_forwards | grep sbl-xbl
sbl-xbl.spamhaus.org. IN forward: 127.0.0.1 X.X.X.55
# dig -p3768 2.0.0.127.sbl-xbl.spamhaus.org
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> -p3768 2.0.0.127.sbl-xbl.spamhaus.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2338
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;2.0.0.127.sbl-xbl.spamhaus.org. IN A
;; ANSWER SECTION:
2.0.0.127.sbl-xbl.spamhaus.org. 60 IN A 127.0.0.2
2.0.0.127.sbl-xbl.spamhaus.org. 60 IN A 127.0.0.4
;; Query time: 0 msec
;; SERVER: 127.0.0.1#3768(127.0.0.1)
;; WHEN: Thu Jan 8 13:19:53 2015
;; MSG SIZE rcvd: 80
# dig 2.0.0.127.sbl-xbl.spamhaus.org
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> 2.0.0.127.sbl-xbl.spamhaus.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 31161
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;2.0.0.127.sbl-xbl.spamhaus.org. IN A
;; Query time: 286 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jan 8 13:19:59 2015
;; MSG SIZE rcvd: 48
# dig 2.0.0.127.sbl-xbl.spamhaus.org @X.X.X.55
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> 2.0.0.127.sbl-xbl.spamhaus.org @X.X.X.55
;; global options: +cmd
;; connection timed out; no servers could be reached
When the second forward is reachable again, the queries start responding
again.
w
More information about the Unbound-users
mailing list