Hello, ** Vladimir Lomov via Unbound-users <unbound-users@lists.nlnetlabs.nl> [2023-12-15 17:12:15 +0800]:
Hello, ** Daisuke HIGASHI <daisuke.higa...@gmail.com> [2023-12-15 17:29:27 +0900]:try to add: server: do-not-query-localhost: no into "main" instance configuration.Already has this one.
I managed to get this to work. I had to explicitly set the `interface`, add
the `access-control` to the "ipv4" instance, and change the `forward-addr` in
the "main" instance.
It seems that the unbound running by systemd couldn't send requests to ::1
address. What makes me think that:
- when the "ipv4" instance has no explicit 'interface' setting then it uses
::1 and 127.0.0.1, which I checked by running `dig`;
- meanwhile the "main" instance with
```
forward-addr: ::1@10053
```
would return nothing.
- After changing the "ipv4" instance to use a specific address both the `dig`
and the "main" instance return results.
But I could be way off here.
For the record, this is the "ipv4" instance configuration:
```
server:
interface: fdb9:1981:930:5::1:907
port: 10053
include: "/etc/unbound/ipv4/public-address.conf"
access-control: fdb9:1981:0930::/48 allow
chroot: "/etc/unbound/ipv4"
directory: "/etc/unbound/ipv4"
private-address: ::/0
trust-anchor-file: "/etc/unbound/ipv4/trusted-key.key"
python:
dynlib:
remote-control:
```
This is part of the "main" instance configuration:
```
forward-zone:
name: "isu.bkoty.ru"
forward-addr: fdb9:1981:930:5::1:907@10053
```
I run the unbound on Linux by systemd with "instantiated" service file (a bit
changed the upstream .service).
---
WBR, Vladimir Lomov
--
The only winner in the War of 1812 was Tchaikovsky.
-- David Gerrold
signature.asc
Description: PGP signature
