From owner-freebsd-hackers@FreeBSD.ORG  Thu Sep 18 15:25:12 2014
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 98E95EC5;
 Thu, 18 Sep 2014 15:25:12 +0000 (UTC)
Received: from puchar.net (puchar.net [188.252.31.250])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "puchar.net", Issuer "puchar.net" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 254777B4;
 Thu, 18 Sep 2014 15:25:11 +0000 (UTC)
Received: Received: from 127.0.0.1 (localhost [127.0.0.1])
 by puchar.net (8.14.9/8.14.9) with ESMTP id s8IFP7qo011607;
 Thu, 18 Sep 2014 17:25:07 +0200 (CEST)
 (envelope-from wojtek@puchar.net)
Date: Thu, 18 Sep 2014 17:25:08 +0200 (CEST)
From: Wojciech Puchar <wojtek@puchar.net>
X-X-Sender: wojtek@laptop
To: Mark Felder <feld@FreeBSD.org>
Subject: Re: unbound - what is wrong
In-Reply-To: <1411041094.640133.168972769.6D823A59@webmail.messagingengine.com>
Message-ID: <alpine.BSF.2.00.1409181722350.23585@laptop>
References: <alpine.BSF.2.00.1409181128140.12358@laptop>
 <1411041094.640133.168972769.6D823A59@webmail.messagingengine.com>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3
 (puchar.net [10.0.1.1]); Thu, 18 Sep 2014 17:25:07 +0200 (CEST)
Cc: freebsd-hackers@freebsd.org
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Sep 2014 15:25:12 -0000

>> Host intra not found: 2(SERVFAIL)
>>
>>
>> what is wrong?
>>
>
> Can you confirm that a dig or drill @10.0.1.1 for intra hostnames works
> correctly?

yes i can
[wojtek@laptop ~]$ drill intra @10.0.1.1
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 19090
;; flags: qr aa rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;; intra.       IN      A

;; ANSWER SECTION:
intra.  10800   IN      A       10.0.1.1

;; AUTHORITY SECTION:
intra.  10800   IN      NS      dns.intra.

;; ADDITIONAL SECTION:
dns.intra.      10800   IN      A       10.0.1.1

;; Query time: 21 msec
;; SERVER: 10.0.1.1
;; WHEN: Thu Sep 18 17:22:27 2014
;; MSG SIZE  rcvd: 73


>
> I previously had a setup that required two additional lines. See below:
>
> private-domain: localdomain
> domain-insecure: localdomain
> forward-zone:
>        name: "localdomain"
>        forward-addr: 192.168.1.1

now i have

private-address: 10.0.0.0/8
domain-insecure: intra.
local-zone: "10.in-addr.arpa." transparent
local-zone: "intra." transparent
forward-zone:
  name: intra.
  forward-addr: 10.0.1.1
forward-zone:
  name: 10.in-addr.arpa.
  forward-addr: 10.0.1.1



things changed:

[root@laptop ~]# host intra

YES - no output, no error.

[root@laptop ~]# host -a intra
Trying "intra"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20302
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;intra.                         IN      TYPE255

;; ANSWER SECTION:
intra.                  10800   IN      SOA     dns.intra. 
root.puchar.net. 1409050208 3600 3600 604800 10800
intra.                  10800   IN      NS      dns.intra.

Received 92 bytes from 127.0.0.1#53 in 20 ms