Maintained by: NLnet Labs

[Unbound-users] Unbound fails to stub-zone to localhost

martin f krafft
Tue Oct 21 14:43:03 CEST 2008


also sprach W.C.A. Wijngaards <wouter at NLnetLabs.nl> [2008.10.01.1528 +0200]:
> Unbound will send to the servers named in the NS set in preference to
> the configured 127.0.0.1.

Why does it do this? What's the design decision? It seems wrong to
have unbound redirect queries for a zone to e.g. localhost, then ask
localhost for the zone's NS record, resolve that, and then direct
all other queries there instead, effectively ignoring the explicit
redirect/stub/forward instruction.

> This may help you. In svn trunk I recently fixed unbound so that
> you can run with stub-addr: 127.0.0.1 at 10053  with NSD running on
> port 10053 on localhost.   When you use the '@' for port notation
> (in the svn trunk version) the NS record set is not used in
> preference.

This feels like a hack to me. Shouldn't it possibly be the other way
around? By default, ignore the NS set (or at least don't require
it), unless a special flag is set to make it recurse NS records and
forward queries to the NS configured in the zone?

Cheers,

-- 
martin | http://madduck.net/ | http://two.sentenc.es/
 
a bachelor is a man who never made the same mistake once.
 
spamtraps: madduck.bogus at madduck.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature (see http://martin-krafft.net/gpg/)
URL: <http://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20081021/fd770815/attachment.pgp>