Hello, ** Vladimir Lomov via Unbound-users <unbound-users@lists.nlnetlabs.nl> [2023-12-15 17:12:15 +0800]:
Hello, ** Daisuke HIGASHI <daisuke.higa...@gmail.com> [2023-12-15 17:29:27 +0900]:try to add: server: do-not-query-localhost: no into "main" instance configuration.Already has this one.
I managed to get this to work. I had to explicitly set the `interface`, add the `access-control` to the "ipv4" instance, and change the `forward-addr` in the "main" instance. It seems that the unbound running by systemd couldn't send requests to ::1 address. What makes me think that: - when the "ipv4" instance has no explicit 'interface' setting then it uses ::1 and 127.0.0.1, which I checked by running `dig`; - meanwhile the "main" instance with ``` forward-addr: ::1@10053 ``` would return nothing. - After changing the "ipv4" instance to use a specific address both the `dig` and the "main" instance return results. But I could be way off here. For the record, this is the "ipv4" instance configuration: ``` server: interface: fdb9:1981:930:5::1:907 port: 10053 include: "/etc/unbound/ipv4/public-address.conf" access-control: fdb9:1981:0930::/48 allow chroot: "/etc/unbound/ipv4" directory: "/etc/unbound/ipv4" private-address: ::/0 trust-anchor-file: "/etc/unbound/ipv4/trusted-key.key" python: dynlib: remote-control: ``` This is part of the "main" instance configuration: ``` forward-zone: name: "isu.bkoty.ru" forward-addr: fdb9:1981:930:5::1:907@10053 ``` I run the unbound on Linux by systemd with "instantiated" service file (a bit changed the upstream .service). --- WBR, Vladimir Lomov -- The only winner in the War of 1812 was Tchaikovsky. -- David Gerrold
signature.asc
Description: PGP signature