Unbound non-local bind, no replay from the daemon
Aliaksei Sheshka
sheshkaoss at gmail.com
Wed Jan 10 21:38:47 UTC 2018
Hello!
Assuming config
server:
auto-trust-anchor-file: "/var/lib/unbound/root.key"
verbosity: 9
#ip-transparent: yes
#ip-freebind: yes
interface: 10.10.14.44
interface: 10.10.15.55
access-control: 0.0.0.0/0 allow
I see unbound listens:
udp UNCONN 0 0 10.10.10.15.55:53 *:* users:(("unbound",pid=21765,fd=5))
udp UNCONN 0 0 10.10.10.14.44:53 *:* users:(("unbound",pid=21765,fd=3))
(Also, it looks like the options ip-transparent: yes and ip-freebind: yes do
nothing with regard to listening on non-local IPs on Linux.)
Sysctl as follows:
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.conf.all.forwarding = 1
On my router I have set static routes to 10.10.14.44 and 10.10.15.55
via 192.168.13.13, 192.168.13.13 is the IP on the eth0 connected to
the router.
tcpdump shows packets arriving on eth0, but there are no packets
back; it looks like they never reach unbound.
My question is how actually to steer DNS traffic to those non-local IPs?
What is missing in this setup?
Thanks!
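The following is an added diagnostic, not part of the original post and not Unbound code. It encodes the kernel-side distinction the question turns on: net.ipv4.ip_nonlocal_bind (and IP_FREEBIND/IP_TRANSPARENT, which unbound's ip-freebind/ip-transparent set) only relax the bind() check, whereas an inbound packet is handed to local sockets only when the route lookup for its destination hits a "local" route in the local routing table. `ip addr add` creates such a route automatically; `ip route add local X dev lo` creates one without assigning X to an interface. Without it, forwarding=1 means the packet is forwarded per the main table and forwarding=0 means it is dropped. The script parses `ip -4 route show table local` output (the sample below is constructed to mirror the setup in the post, with one address given a local route for contrast) and reports, per address, whether bind() will succeed, what the kernel will do with inbound packets, and the missing route.

```python
"""Will the kernel deliver packets for address X to a local socket?

Added example (not from the original post or from Unbound).  Assumptions:
the `ip` tool's `route show table local` output format, and Linux delivery
semantics as described in the lead-in.  SAMPLE_LOCAL_TABLE is constructed.
"""
import ipaddress
import subprocess

# Constructed sample: eth0 carries 192.168.13.13 as in the post; 10.10.14.44
# is shown *as if* `ip route add local 10.10.14.44/32 dev lo` had been run,
# while 10.10.15.55 has no local route at all (the situation in the post).
SAMPLE_LOCAL_TABLE = """\
local 10.10.14.44 dev lo proto kernel scope host src 10.10.14.44
broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1
broadcast 192.168.13.0 dev eth0 proto kernel scope link src 192.168.13.13
local 192.168.13.13 dev eth0 proto kernel scope host src 192.168.13.13
broadcast 192.168.13.255 dev eth0 proto kernel scope link src 192.168.13.13
"""


def parse_local_routes(text):
    """Return [(network, dev), ...] for every 'local' route in the text.

    Only 'local' entries matter for delivery; broadcast entries are skipped.
    A bare address (no prefix length) is a host route, i.e. /32.
    """
    routes = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 2 or parts[0] != "local":
            continue
        prefix = parts[1] if "/" in parts[1] else parts[1] + "/32"
        dev = parts[parts.index("dev") + 1] if "dev" in parts else None
        routes.append((ipaddress.ip_network(prefix, strict=False), dev))
    return routes


def _flag(value):
    """Accept sysctl-style '0'/'1' strings as well as bools."""
    return bool(int(value))


def delivery_verdict(addr, local_routes, forwarding, nonlocal_bind):
    """Classify one IPv4 address.

    bind_ok  : bind() succeeds (address is local, or ip_nonlocal_bind=1)
    delivery : 'local' (reaches the socket), 'forward' (routed on, the
               symptom in the post), or 'drop' (no local route, no forwarding)
    fix      : the route that would make the kernel treat it as local
    """
    ip = ipaddress.ip_address(addr)
    matched = [dev for net, dev in local_routes if ip in net]
    local = bool(matched)
    verdict = {
        "address": str(ip),
        "bind_ok": local or _flag(nonlocal_bind),
        "delivery": "local" if local else ("forward" if _flag(forwarding) else "drop"),
        "dev": matched[0] if local else None,
        "fix": None if local else f"ip route add local {ip}/32 dev lo",
    }
    return verdict


def live_local_table():
    """Read the real local table; falls back to the constructed sample."""
    try:
        return subprocess.run(
            ["ip", "-4", "route", "show", "table", "local"],
            capture_output=True, text=True, check=True,
        ).stdout
    except (OSError, subprocess.CalledProcessError):
        return SAMPLE_LOCAL_TABLE


def diagnose(addresses, table_text, forwarding, nonlocal_bind):
    """Run the verdict for each address and return the list of results."""
    routes = parse_local_routes(table_text)
    return [delivery_verdict(a, routes, forwarding, nonlocal_bind) for a in addresses]


if __name__ == "__main__":
    # Sysctl values from the post: ip_nonlocal_bind=1, forwarding=1.
    for v in diagnose(["10.10.14.44", "10.10.15.55"], live_local_table(), "1", "1"):
        print(f"{v['address']}: bind_ok={v['bind_ok']} delivery={v['delivery']}"
              + (f" via {v['dev']}" if v["dev"] else f"  fix: {v['fix']}"))
```

Run against the constructed table it reports 10.10.14.44 as deliverable on lo and 10.10.15.55 as "forward" with the missing `ip route add local` line; on a real host, run it as root (or with CAP_NET_ADMIN-free read access to `ip route`) and it uses the live local table instead.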