Hi Georg,
On 20 Sep 2021, at 10:54, Gregory Schouweiler via Unbound-users wrote:
Hello,
Is there a bug with Debian 11?
I use the same configuration as on debian 10.9 but unbound doesn't
want to load the configuration file.
Under debian 10.9, unbound is in version 1.9.x
Under Debian 11, unbound is in version 1.13.1
My config files :
root@maxwell:/etc/unbound# cat unbound.conf
# Unbound configuration file for Debian.
#
# See the unbound.conf(5) man page.
#
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
# reference config file.
#
# The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory.
include-toplevel: "/etc/unbound/unbound.conf.d/*.conf"
root@maxwell:/etc/unbound# cd unbound.conf.d/
root@maxwell:/etc/unbound/unbound.conf.d#<mailto:root@maxwell:/etc/unbound/unbound.conf.d#>
cat default.conf
interface: 0.0.0.0
access-control: 172.16.0.0/21 allow
access-control: 127.0.0.0/8 allow
root@maxwell:/etc/unbound/unbound.conf.d#<mailto:root@maxwell:/etc/unbound/unbound.conf.d#>
unbound-checkconf
/etc/unbound/unbound.conf.d/default.conf:1: error: syntax error
read /etc/unbound/unbound.conf failed: 1 errors in configuration file
it's a change in Debian 11, it's mentioned in the release notes and you
should have seen it during the upgrade to Debian 11 in the apt changes
messages:
https://www.debian.org/releases/bullseye/amd64/release-notes/ch-information.en.html#unbound-config-file-handling
5.1.6. Config file fragment handling in unbound
The DNS resolver unbound has changed the way it handles configuration
file fragments. If you are relying on an include:
directive to merge several fragments into a valid configuration, you
should read the NEWS file.
""
The default Debian config file shipped in the unbound package has
changed
from using the "include:" directive to using the "include-toplevel:"
directive in order to include the config file fragments in
/etc/unbound/unbound.conf.d/*.conf into the unbound configuration.
The "include-toplevel:" directive has been newly introduced in
unbound
1.11.0 and it requires that any included config file fragment begin
its own
clause (e.g., "server:").
""
Greetings
Carsten
