Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 10 Jun 2016 15:10:10 -0400
From:      Lowell Gilbert <freebsd-stable-local@be-well.ilk.org>
To:        Slawa Olhovchenkov <slw@zxy.spb.ru>
Cc:        stable@freebsd.org,  Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= <des@des.no>,  krad <kraduk@gmail.com>
Subject:   Re: unbound and ntp issuse
Message-ID:  <44vb1gx3l9.fsf@be-well.ilk.org>
In-Reply-To: <20160609185645.GZ75630@zxy.spb.ru> (Slawa Olhovchenkov's message of "Thu, 9 Jun 2016 21:56:45 %2B0300")
References:  <20160602122727.GB75625@zxy.spb.ru> <86pors7cba.fsf@desk.des.no> <20160608094859.GH75625@zxy.spb.ru> <CALfReyes2H4e86B8gUfPEui8ivqWuaMDzcMa_=4BQorvvTam9A@mail.gmail.com> <20160609080440.GR75630@zxy.spb.ru> <CALfReycwtf9eiVDRLpqW==fYNWfaoeERfh8tFg=LKaiXWGC3ig@mail.gmail.com> <20160609133739.GV75630@zxy.spb.ru> <44r3c68od2.fsf@lowell-desk.lan> <20160609140209.GW75630@zxy.spb.ru> <44mvmu8b9m.fsf@lowell-desk.lan> <20160609185645.GZ75630@zxy.spb.ru>

next in thread | previous in thread | raw e-mail | index | archive | help
Slawa Olhovchenkov <slw@zxy.spb.ru> writes:

> On Thu, Jun 09, 2016 at 02:31:17PM -0400, Lowell Gilbert wrote:
>
>> Slawa Olhovchenkov <slw@zxy.spb.ru> writes:
>> 
>> > On Thu, Jun 09, 2016 at 09:48:25AM -0400, Lowell Gilbert wrote:
>> >
>> >> Slawa Olhovchenkov <slw@zxy.spb.ru> writes:
>> >> 
>> >> > On Thu, Jun 09, 2016 at 02:29:09PM +0100, krad wrote:
>> >> >
>> >> >> I doubt that will happen as you are asking to pollute every release
>> >> >> installation for an edge condition when  there is numerous work arounds
>> >> >> that would be acceptable to most.   eg two lines in rc.conf will fix the
>> >> >> issue.
>> >> >
>> >> > This manual editing will be required by every install on RPi, for
>> >> > example.
>> >> 
>> >> No, it won't. Most people will just give the system a valid DNS
>> >> configuration, and the clock will not be an issue.
>> >
>> > What invalid in my DNS configuration?
>> 
>> You said that you configured 127.0.0.1 as your DNS server. You didn't
>> say how (or rather where) you did that, but if you had used the address
>> of a working upstream recursive server, I suspect there wouldn't have
>> been any problem.
>
> Configuring 127.0.0.1 as DNS server and enabling loacal_unbound cause
> unbound acts as recursive resolver. This is conventional setup.
> ("No forwarders found in resolv.conf, unbound will recurse."
> -- from /usr/sbin/local-unbound-setup)

I'll check on it if I get a chance.

> Using upstream recursive server with local unbound will cause same
> problem, IMHO, because unbound will be enfocing DNSSEC by the same
> way and rejecting all answers from upstream.

Well, we know that is not the case, because in that case nearly everyone
would be having the problem.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44vb1gx3l9.fsf>