SERVFAIL when unbound forward-addr is an ssh forward port tunnel
ronvarburg at yahoo.com
Sun Jun 16 15:41:57 UTC 2019
With
-------------------------------------------------------------
server:
    directory: "/etc/unbound"
    do-daemonize: no
    tcp-upstream: yes
    trust-anchor-file: trusted-key.key
    use-syslog: yes
    username: "unbound"
forward-zone:
    name: "."
    forward-addr: 127.0.0.1@1053
-------------------------------------------------------------
and
% ssh -L 127.0.0.1:1053:127.0.0.1:53 server
,
% drill nameToQuery
returns SERVFAIL. In fact, no query works.
According to tcpdump -vv -x -X -s 1500 -i lo 'port 1053',
nothing is being sent to the forward-addr.
While
% drill -I 127.0.0.1 -p 1053 -4 -t nameToQuery
succeeds. Is that expected, for example because it is inherent to the NS protocol?
If it is supposed to work, how can I debug it further?