From owner-freebsd-stable@freebsd.org Fri Jun 10 19:10:20 2016 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C9232AD932E for ; Fri, 10 Jun 2016 19:10:20 +0000 (UTC) (envelope-from freebsd-stable-local@be-well.ilk.org) Received: from mailman.ysv.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id B61A828B8 for ; Fri, 10 Jun 2016 19:10:20 +0000 (UTC) (envelope-from freebsd-stable-local@be-well.ilk.org) Received: by mailman.ysv.freebsd.org (Postfix) id B1BD4AD932D; Fri, 10 Jun 2016 19:10:20 +0000 (UTC) Delivered-To: stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B1600AD932C for ; Fri, 10 Jun 2016 19:10:20 +0000 (UTC) (envelope-from freebsd-stable-local@be-well.ilk.org) Received: from be-well.ilk.org (be-well.ilk.org [23.30.133.173]) by mx1.freebsd.org (Postfix) with ESMTP id 8E87228B7 for ; Fri, 10 Jun 2016 19:10:20 +0000 (UTC) (envelope-from freebsd-stable-local@be-well.ilk.org) Received: by be-well.ilk.org (Postfix, from userid 1147) id BD01E33C26; Fri, 10 Jun 2016 15:10:12 -0400 (EDT) From: Lowell Gilbert To: Slawa Olhovchenkov Cc: stable@freebsd.org, Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= , krad Subject: Re: unbound and ntp issuse References: <20160602122727.GB75625@zxy.spb.ru> <86pors7cba.fsf@desk.des.no> <20160608094859.GH75625@zxy.spb.ru> <20160609080440.GR75630@zxy.spb.ru> <20160609133739.GV75630@zxy.spb.ru> <44r3c68od2.fsf@lowell-desk.lan> <20160609140209.GW75630@zxy.spb.ru> <44mvmu8b9m.fsf@lowell-desk.lan> <20160609185645.GZ75630@zxy.spb.ru> Date: Fri, 10 Jun 2016 15:10:10 -0400 In-Reply-To: <20160609185645.GZ75630@zxy.spb.ru> (Slawa Olhovchenkov's message of "Thu, 9 Jun 2016 21:56:45 +0300") Message-ID: <44vb1gx3l9.fsf@be-well.ilk.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Jun 2016 19:10:20 -0000 Slawa Olhovchenkov writes: > On Thu, Jun 09, 2016 at 02:31:17PM -0400, Lowell Gilbert wrote: > >> Slawa Olhovchenkov writes: >> >> > On Thu, Jun 09, 2016 at 09:48:25AM -0400, Lowell Gilbert wrote: >> > >> >> Slawa Olhovchenkov writes: >> >> >> >> > On Thu, Jun 09, 2016 at 02:29:09PM +0100, krad wrote: >> >> > >> >> >> I doubt that will happen as you are asking to pollute every release >> >> >> installation for an edge condition when there is numerous work arounds >> >> >> that would be acceptable to most. eg two lines in rc.conf will fix the >> >> >> issue. >> >> > >> >> > This manual editing will be required by every install on RPi, for >> >> > example. >> >> >> >> No, it won't. Most people will just give the system a valid DNS >> >> configuration, and the clock will not be an issue. >> > >> > What invalid in my DNS configuration? >> >> You said that you configured 127.0.0.1 as your DNS server. You didn't >> say how (or rather where) you did that, but if you had used the address >> of a working upstream recursive server, I suspect there wouldn't have >> been any problem. > > Configuring 127.0.0.1 as DNS server and enabling loacal_unbound cause > unbound acts as recursive resolver. This is conventional setup. > ("No forwarders found in resolv.conf, unbound will recurse." > -- from /usr/sbin/local-unbound-setup) I'll check on it if I get a chance. > Using upstream recursive server with local unbound will cause same > problem, IMHO, because unbound will be enfocing DNSSEC by the same > way and rejecting all answers from upstream. Well, we know that is not the case, because in that case nearly everyone would be having the problem.