We have a total of three subnets (let's call them A, B, and C). Our unbound box has 2 NICs: one with an IP addresses on Subnet A, and another with an IP address on Subnet B.
We have a number of servers, some connected to subnets A & B, and one that is connected only to Subnet C. In unbound.conf, we are using: interface: 0.0.0.0 interface: ::0 and using access-control: to allow IP ranges on all three subnets. However, unbound will only answer queries as follows: 1) From servers on subnet A: unbound answers queries made to its IP address on Subnet A or B. 2) From servers on subnet B: unbound answers queries made to its IP address on either Subnet A or B. 3) From the server on subnet C: unbound answers queries made ONLY to its IP address on Subnet A, but does not respond to queries made to its address on Subnet B. 4) From a remote server on still another subnet (we tested with a shared host we had shell access to), identical results to case #3 above. I turned verbosity all the way up to 5 in the logs, and in cases #3 and #4 above, unbound does see the query. It just doesn't respond. I was able to work around this by commenting out both the interface: 0.0.0.0 and ::0 lines and replace with: interface: 127.0.0.1 interface: ::1 interface: IP on Subnet A interface: IP on Subnet B So I'm glad I was able to work around it, but I'm curious why interface: 0.0.0.0 didn't work as it should. Any ideas? Thanks, SteveJ _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
