Unbound ignores first-view setting?

[Mogens Jensen]

Hi,

I'm trying to configure views on Unbound 1.9.1 OpenBSD 6.5.

This is the minimal initial configuration file:

===
server:
        interface: 0.0.0.0

        access-control: 192.168.0.0/24 allow
        access-control-view: 192.168.0.0/24 firstview

        local-zone: "local." static
        local-data: "cups.local. IN A 192.168.1.1"

view:
        name: "firstview"
        local-zone: "local." static
        local-data: "gateway.local. IN A 192.168.0.1"
        view-first: yes

forward-zone:
        name: "."
        forward-addr: 8.8.8.8
===

The problem is that Unbound will not use the global local-zone tree after no match is found in a view, even though view-first is set to yes.

This is output from a client in 192.168.0.0/24 when running Unbound with the above configuration file:

===
client:~$ host -t cups.local
Host cups.local not found: 3(NXDOMAIN)
client:~$ host -t gateway.local
gateway.local has address 192.168.0.1
===

If I remove "access-control-view: 192.168.0.0/24 firstview" and try again from the same client:

===
client:~$ host -t cups.local
cups.local has address 192.168.1.1
client:~$ host -t gateway.local
Host gateway.local not found: 3(NXDOMAIN)
===

What could I be doing wrong?

Thanks.

Best regards,
Mogens Jensen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20190828/3b7cced3/attachment.htm>