Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

I dont know why the forward function doesn't work. #45

Closed
silveric10 opened this issue Jun 25, 2019 · 4 comments
Closed

I dont know why the forward function doesn't work. #45

silveric10 opened this issue Jun 25, 2019 · 4 comments

Comments

@silveric10
Copy link

@silveric10 silveric10 commented Jun 25, 2019

I only made these changes below to the unbound.conf. I want to forward all my dns queries to port 9999, but it doesn't work.
interface:127.0.0.1@8888
forward-zone
name: "."
forward-addr: 127.0.0.1@9999
Can you help to explain?

@wcawijngaards
Copy link
Member

@wcawijngaards wcawijngaards commented Jun 25, 2019

You need the option do-not-query-localhost: no in unbound.conf.
The previous default value was yes and this prevented messages to 127.0.0.1 from the forward-addr.

Loading

@wcawijngaards
Copy link
Member

@wcawijngaards wcawijngaards commented Jun 25, 2019

(Closing this because I think it resolved your issue, if it did not resolve the issue, please explain more about what is going wrong).

Loading

@bjovereinder
Copy link
Member

@bjovereinder bjovereinder commented Jun 25, 2019

Loading

wcawijngaards added a commit that referenced this issue Jun 25, 2019
  when do-not-query-localhost is turned on, or at default on,
  unbound-checkconf prints a warning if it is found in forward-addr or
  stub-addr statements.
@wcawijngaards
Copy link
Member

@wcawijngaards wcawijngaards commented Jun 25, 2019

The commit above makes unbound-checkconf print out warnings for the matter, since other people also experience this as a surprise, I thought that could be helpful. Looks like this:
unbound-checkconf: warning: forward-addr: '127.0.0.1' is specified for forward-zone: '.', but do-not-query-localhost: yes means that the address will not be used for lookups.

Loading

jedisct1 added a commit to jedisct1/unbound that referenced this issue Jun 29, 2019
* nlnet/master: (22 commits)
  Nicer spelling and layout.
  - For NLnetLabs#45, check that 127.0.0.1 and ::1 are not used in unbound.conf   when do-not-query-localhost is turned on, or at default on,   unbound-checkconf prints a warning if it is found in forward-addr or   stub-addr statements.
  - Fix memleak in unit test, reported from the clang 8.0 static analyzer.
  - Fix python dict reference and double free in config.
  - Merge PR NLnetLabs#6: Python module: support multiple instances - Merge PR NLnetLabs#5: Python module: define constant MODULE_RESTART_NEXT - Merge PR NLnetLabs#4: Python module: assign something useful to the   per-query data store 'qdata' Noted in Changelog.
  - Added documentation to the ipset files (for doxygen output).
  - make depend
  - Fix to make unbound-control with ipset, remove unused variable,   use unsigned type because of comparison, and assign null instead   of compare with it.  Remade lex and yacc output.
  - PR NLnetLabs#28: IPSet module, by Kevin Chou.  Created a module to support   the ipset that could add the domain's ip to a list easily.   Needs libmnl, and --enable-ipset and config it, doc/README.ipset.md. - Fix to omit RRSIGs from addition to the ipset.
  - Fix for NLnetLabs#24: Fix abort due to scan of auth zone masters using old   address from previous scan.
  - Fix NLnetLabs#39: In libunbound, leftover logfile is close()d unpredictably.
  - Master contains version 1.9.3 in development.
  fix segmentation fault
  rollback the code
  bugfix
  performance improvement
  edit config parser to support ipset
  Add support for ipset
  Document how to configure multiple python modules
  Support multiple python module instances
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants