after all, it revealed to be just fiber connection fucked up, and
causing the enormous packet drops. sorry for the noise
On 29.09.16 10:48, Gregory Edigarov wrote:
Hi,
Need an advice.
I have a bgp router with 3 interfaces:
em0 (xxx.yyy,zzz.1/24),
em1, em2 - looking at uplinks
bgp is up and running, packets are forwarded just fine. also there is
nsd, listening on both em1,em2 serving my reverse zone.
so far everything works.
now I want this host also be a resolver for lan, that sits on
xxx.yyy,zzz.1
here is what I have in unbound.conf
server:
verbosity: 1
outgoing-interface: 0.0.0.0
interface: 127.0.0.1
interface:
access-control: 127.0.0.0/8 allow
access-control: xxx.yyy.zzz.0/24 allow
access-control: ::1 allow
access-control: ::ffff:127.0.0.1 allow
root-hints: /etc/unbound/root.hints
some hosts are resolving correctly, for example google.com, but many
have SERVFAIL.
if I have
outgoing-interface: xxx.yyy.zzz.1
nothing works.
so the question is: how to make unbound work in such setup?
thank you.
--
With best regards,
Gregory Edigarov
