forward-zone: .

M_Piscaer1 · November 23, 2016, 8:34pm

Hi,

I try to forward all query's to an central dns resolver.

In the config of the unbound service I have the following setting:

forward-zone:
  name: "com."
  forward-addr: 192.168.1.1
  forward-addr: 192.168.1.2

forward-zone:
  name: "."
  forward-addr: 192.168.1.1
  forward-addr: 192.168.1.2

After reloading the unbound service, I only see the .com in de
forwarding table:

#unbound-control list_forwards
com. IN forward: 192.168.1.1 192.168.1.2

When I remove the .com zone the unbound service doesn't use the central
server?

Kind regards,

Michiel Piscaer

Wouter · November 24, 2016, 8:08am

Hi Michiel,

Hi,

I try to forward all query's to an central dns resolver.

In the config of the unbound service I have the following setting:

forward-zone:
  name: "com."
  forward-addr: 192.168.1.1
  forward-addr: 192.168.1.2

forward-zone:
  name: "."
  forward-addr: 192.168.1.1
  forward-addr: 192.168.1.2

After reloading the unbound service, I only see the .com in de
forwarding table:

#unbound-control list_forwards
com. IN forward: 192.168.1.1 192.168.1.2

For me, the config works fine, and lists
. IN forward 192.168.1.1 192.168.1.2
com. IN forward 192.168.1.1 192.168.1.2

For you this does not work? Are you changing the correct config file
(on some systems you can pick the wrong one)? If you start unbound with
(high) verbosity, it'll print the forward zones that are configured at
startup to the (sys-)log.

Best regards, Wouter

M_Piscaer1 · November 24, 2016, 9:52am

After some digging I got the following results:

When start the unbound service with:

#service unbound start or
# /etc/init.d/unbound start

I only see the .com in unbound-control list_forwards and not the . :
# unbound-control list_forwards
com. IN forward: 88.159.1.200 88.159.1.201

When I start unbound -v

# unbound -v
[1479979805] unbound[11635:0] notice: Start of unbound 1.4.22.
Nov 24 10:30:05 unbound[11635:0] debug: creating udp4 socket 127.0.0.1 53
Nov 24 10:30:05 unbound[11635:0] debug: creating tcp4 socket 127.0.0.1 53
Nov 24 10:30:05 unbound[11635:0] debug: creating udp6 socket ::1 53
Nov 24 10:30:05 unbound[11635:0] debug: creating tcp6 socket ::1 53
Nov 24 10:30:05 unbound[11635:0] debug: creating tcp6 socket ::1 8953
Nov 24 10:30:05 unbound[11635:0] debug: creating tcp4 socket 127.0.0.1 8953
Nov 24 10:30:05 unbound[11635:0] debug: switching log to syslog

I see the both forwards.
# unbound-control list_forwards
. IN forward: 88.159.1.200 88.159.1.201
com. IN forward: 88.159.1.200 88.159.1.201

Both forwards are in the same config file.

I don't see any errors, with verbosity: 3

The system is an ubuntu 14.04 and the unbound package is the default
from ubuntu.

When I start unbound with /etc/init.d/unbound start and then

# unbound-control list_forwards
com. IN forward: 88.159.1.200 88.159.1.201

# unbound-control forward_add . 88.159.1.200 88.159.1.201
ok

I see both the forwards
# unbound-control list_forwards
. IN forward: 88.159.1.201 88.159.1.200
com. IN forward: 88.159.1.200 88.159.1.201

Kind regards,

Michiel Piscaer

M_Piscaer1 · November 24, 2016, 10:06am

I found the solution, in the file /etc/default/unbound the variable
RESOLVCONF and RESOLVCONF_FORWARDERS are set to true.

In the /etc/resolve.conf I had:

nameserver 127.0.0.1
nameserver 88.159.1.200
nameserver 88.159.1.201

Probably of the localhost the system ignors or got an error and did add
the lines and also ignores the forward in the config.

Kind regards,

Michiel Piscaer