Date: Thu, 12 Oct 2017 12:11:29 +0100
From: Matthew Seaman <matthew@FreeBSD.org>
To: freebsd-questions@freebsd.org
Subject: Re: Unbound(8) caching resolver no workie on fresh install :-(
Message-ID: <098539ec-6a14-00f3-f5e7-bd197d63e499@FreeBSD.org>
In-Reply-To: <1468.1507784248@segfault.tristatelogic.com>
References: <1468.1507784248@segfault.tristatelogic.com>

On 12/10/2017 05:57, Ronald F. Guilmette wrote:
>
> I just installed a fresh 11.1-RELEASE system onto a pristine drive.
> (Be patient with me please. I haven't done this in a long while.)
>
> All seems to be working well, however I noticed the new install option
> to enable a local caching resolver, and I said to myself "Yea! Sounds
> great to me!" So I enabled that.
>
> After the install finished and I booted the new system, I immediately
> got some console errors indicating that the various default NTP servers
> (I also enabled NTP) were not resolving. :-(
>
> So, um, what gives? This particular machine is, for the moment, NAT'd/DHCP'd
> behind my trusty Linksys E4200. Do I need to poke a hole in that so that the
> UDP DNS query replies can actually make it all the way back to this box?
> Or is there something I need to diddle under /etc/unbound that isn't just
> ready to go, out of the box?

This is something I've observed too -- it's an ordering or timing problem with the startup scripts -- i.e. ntpd(8) gets started before local_unbound is properly ready to answer queries. However, the effect is largely cosmetic. ntpd will complain about resolving server names on startup, but as soon as unbound gets going, ntpd should connect and sync up.

I suspect you were being misled by the other problem you posted about where ntpd was dying shortly after startup because the clock was way off -- these error messages are not related to why ntpd is failing.

As for local_unbound, if you can resolve hostnames into IP numbers 'host www.freebsd.org' from the command line, then you can be pretty sure that local_unbound is working OK. local_unbound defaults to using any resolvers found in /etc/resolv.conf as forwarders -- so if your local DHCP server says to use a specific resolver, it will -- but you can override that by setting local_unbound_forwarders in /etc/rc.conf to a list of IP numbers for the DNS resolvers you'd like to use. local_unbound will in fact work perfectly happily without any forwarders, but there isn't a flag to force that behaviour.

Cheers,

Matthew
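
The 'host www.freebsd.org' check from the message above, wrapped in a retry loop, as an added example that is not part of the original e-mail: it reports how many attempts pass before the local resolver starts answering, which separates the startup ordering delay from a resolver that never works. The function name wait_for_resolver and the RESOLVE_CMD variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original message): poll the local resolver
# until it answers, to confirm that lookup failures seen at boot are only
# the startup ordering delay and not a broken resolver.

# Lookup command. Defaults to host(1), the check used in the message;
# overridable (an assumption of this example) so the loop can be exercised
# without a network.
: "${RESOLVE_CMD:=host}"

# wait_for_resolver NAME [MAX_TRIES] [DELAY_SECONDS]
# Prints the number of attempts made. Returns 0 as soon as NAME resolves,
# or 1 if it still does not resolve after MAX_TRIES attempts.
wait_for_resolver() {
    name=$1
    max_tries=${2:-30}
    delay=${3:-1}
    try=1
    while [ "$try" -le "$max_tries" ]; do
        if $RESOLVE_CMD "$name" >/dev/null 2>&1; then
            echo "$try"
            return 0
        fi
        try=$((try + 1))
        # Pause between attempts, but not after the last one.
        [ "$try" -le "$max_tries" ] && sleep "$delay"
    done
    echo "$max_tries"
    return 1
}

# Typical use right after boot:
#   wait_for_resolver www.freebsd.org 30 1
```

A result of 1 means the resolver was already answering; a small number greater than 1 matches the cosmetic startup delay described in the message, and a non-zero exit status means the name never resolved within the allowed attempts.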