Ralf Hildebrandt wrote: > * Simon Deziel <[email protected]>: > > On 14-06-19 09:27 AM, Ralf Hildebrandt wrote: > > > Forwarding works OK, but on 141.42.2.22 I'm seeing queries in the > > > query.log: > > > > > > 19-Jun-2014 15:23:05.172 client 141.42.202.200#18055: query: > > > 1.2.3.4.b.baRRACudACEnTRal.org IN A +EDC (141.42.2.22) > > > 19-Jun-2014 15:23:05.342 client 141.42.202.200#51273: query: > > > 1.2.3.4.B.bARRACuDAcENtrAL.ORg IN A +EDC (141.42.2.22) > > > 19-Jun-2014 15:23:05.422 client 141.42.202.200#61743: query: > > > 1.2.3.4.b.BarracUDaCentraL.ORG IN A +EDC (141.42.2.22) > > > 19-Jun-2014 15:23:05.582 client 141.42.202.200#47007: query: > > > 1.2.3.4.b.BArRACudAceNtraL.ORg IN A +EDC (141.42.2.22) > > > > > > Why are these queries forwarded without any explicit forward-zone > > > statement? > > > > If you are on Debian/Ubuntu you should check if /etc/default/unbound has > > RESOLVCONF_FORWARDERS set to true as this would instruct Unbound to use > > the nameservers from resolv.conf as forwarders.
No, this is incorrect. Nothing in the unbound package reads forwarders from /etc/resolv.conf. If RESOLVCONF_FORWARDERS is set, and the resolvconf package is installed, then the non-loopback IPs provided to the resolvconf facility will be configured as forwarders for Unbound at runtime. See /usr/share/doc/resolvconf/README.gz, /etc/resolvconf/update.d/unbound. > I'm not sure I understand this correctly. My resolv.conf is: > > nameserver 127.0.0.1 > search charite.de > > But to be on the safe side, I've set: > RESOLVCONF_FORWARDERS=false > now. > > Hm, this seems to work. I would guess that you had a "dns-nameservers" line in /etc/network/interfaces, and the resolvconf package installed. -- Robert Edmonds [email protected] _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
