On 2024-06-23 15:49 +01, [email protected] wrote:
>>Synopsis: unwind: ignored force forwarder configuration
>>Category: unwind
>>Environment:
> System : OpenBSD 7.5
> Details : OpenBSD 7.5-current (GENERIC.MP) #254: Fri Jun 21
> 10:05:58 WEST 2024
>
> [email protected]:/usr/src/sys/arch/amd64/compile/GENERIC.MP
>
> Architecture: OpenBSD.amd64
> Machine : amd64
>>Description:
> When unwind is configured to use recursor and autoconf it is
> impossible to force some zones to forwarder without adding forwarder
> to preference.
I would argue that it works as intended. I suppose this could be
documented better.
Only resolving strategies listed in "preference" are considered.
Now, I would entertain diffs that implement what you expected, but with
the current design such a diff would be rather invasive.
In the grand scheme of things I think we need to improve on
split-horizon DNS but that's a lot of work and very low on my todo list.
>>How-To-Repeat:
> 1. Run unwind with configuration:
>
> forwarder { 172.31.2.1 }
>
> preference { recursor autoconf }
>
> force forwarder {
> test.domain
> }
>
> 2. Run tcpdump to interface to where 172.31.2.1 should be routerd
> 3. Run host test.domain 127.0.0.1
> 4. Confirm that no request sent to 172.31.2.1
>>Fix:
> Adding forwarder to preference block overstep an issue
>
--
In my defence, I have been left unsupervised.
