Today I had to disable private address stripping of 10.0.0.0/8 because it was leading to SERVFAILS when looking up echannel.stateauto.com
I'm running Unbound 1.4.16 on Centos 6.2 Name : unbound Arch : x86_64 Version : 1.4.16 Release : 1.el6 The following dig shows the presence of private addresses in the additional section. I thought by default Unbound would strip these addresses when using the respective private addresss: option in the config, but it appears to be leading to lookup failures. I haven't a clue what else I should look at, if I should modify my config or what. Thanks for guidance. [CDNS1]# dig @174.47.194.100 echannel.stateauto.com ; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 <<>> @174.47.194.100 echannel.stateauto.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50513 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 5 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;echannel.stateauto.com. IN A ;; AUTHORITY SECTION: echannel.stateauto.com. 3600 IN NS dc1gss.stateauto.com. echannel.stateauto.com. 3600 IN NS colgss.stateauto.com. echannel.stateauto.com. 3600 IN NS irogss.stateauto.com. ;; ADDITIONAL SECTION: dc1gss.stateauto.com. 3600 IN A 10.30.252.102 dc1gss.stateauto.com. 3600 IN A 174.47.194.102 colgss.stateauto.com. 3600 IN A 66.192.197.102 colgss.stateauto.com. 3600 IN A 10.25.252.102 irogss.stateauto.com. 3600 IN A 63.86.19.102 ;; Query time: 26 msec ;; SERVER: 174.47.194.100#53(174.47.194.100) ;; WHEN: Thu Mar 21 15:44:22 2013 ;; MSG SIZE rcvd: 205
_______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
