Hello, On 30. 10. 18 20:14, Andrew Meyer via Unbound-users wrote: > Hello, > I am running unbound on CentOS 7 (latest) using Unbound 1.6.6. While > doing a tcpdump to my destination DNS server I can see that unbound is > appending my internal zone to everything.
I bet this is caused by client so I would recommend you to verify what queries Unbound receives from client side. Typically this is caused by messy `search` directive in resolv.conf or simialar config. Take away: Never ever use `search` directive. Petr Špaček @ CZ.NIC > > Here is my config: > ]# cat /etc/unbound/unbound.conf|grep -v '#' > server: > > verbosity: 3 > > statistics-interval: 0 > > statistics-cumulative: no > > extended-statistics: yes > > num-threads: 4 > > interface: x.x.x.x > > interface-automatic: no > > so-rcvbuf: 4m > > so-sndbuf: 4m > > cache-max-negative-ttl: 10 > > do-ip4: yes > > do-ip6: no > > do-udp: yes > > do-tcp: yes > > do-daemonize: yes > > access-control: 0.0.0.0/0 refuse > access-control: x.x.x.x/16 allow > > chroot: "" > > username: "unbound" > > directory: "/etc/unbound" > > logfile: "/var/log/unbound.log" > > > log-time-ascii: yes > > pidfile: "/var/run/unbound/unbound.pid" > > harden-glue: yes > > harden-dnssec-stripped: yes > > harden-below-nxdomain: yes > > harden-referral-path: yes > > use-caps-for-id: no > > unwanted-reply-threshold: 10000000 > > do-not-query-localhost: yes > > prefetch: yes > > prefetch-key: yes > > rrset-roundrobin: yes > > minimal-responses: yes > > module-config: "iterator" > > trusted-keys-file: /etc/unbound/keys.d/*.key > auto-trust-anchor-file: "/var/lib/unbound/root.key" > > val-clean-additional: yes > > val-permissive-mode: no > > val-log-level: 1 > > include: /etc/unbound/local.d/*.conf > > include: /etc/unbound/conf.d/*.conf > > > 19:12:51.822564 IP 10.1.6.247.49589 > 10.10.0.31.domain: 18798+% [1au] > A? grafana.example.com.example.net. (70) > 19:12:51.822735 IP 10.10.0.31.domain > 10.1.6.247.49589: 18798 NXDomain* > 0/1/1 (132) > 19:12:51.823203 IP 10.1.6.247.8795 > 10.10.0.31.domain: 14439+% [1au] > AAAA? grafana.example.com.example.net. (70) > 19:12:51.823280 IP 10.10.0.31.domain > 10.1.6.247.8795: 14439 NXDomain* > 0/1/1 (132) > 19:12:54.020532 IP 10.1.6.247.59429 > 10.10.0.31.domain: 3647+ A? > unbound01.stl1.example.net. (49) > 19:12:54.020640 IP 10.10.0.31.domain > 10.1.6.247.59429: 3647* 1/6/6 A > 10.1.6.247 (315) > 19:12:54.056951 IP 10.1.6.247.45906 > 10.10.0.31.domain: 52440+ A? > unbound01.stl1.example.net. (49)
