From: freebsd@fongaboo.com
To: freebsd-questions@freebsd.org
Date: Sun, 2 Nov 2014 20:49:50 -0500 (EST)
Subject: Can't get Unbound caching/recursive server to answer on outside IP

Have a FreeBSD 10 machine. Have two outside IPs bound to it.
First IP has NSD running as an authoritative server. This is specified specifically in the interface entry of nsd.conf.

Trying to run caching/recursive nameserver with unbound on the second IP. I specified the following entries in unbound.conf:

    interface: 127.0.0.1
    interface:

I followed the tutorial at https://calomel.org/unbound_dns.html. I added lines for unbound-control. But other than that, and the extra interface lines, it's as specified in the tutorial... Oh, also the locations are modified from /var/unbound/etc/ to /var/unbound/.

I can get it to resolve when I run nslookup and set the server to 127.0.0.1, but not when I set it to the second IP.

I'm wondering if something else is floating around on 127.0.0.1 port 53? Because when I run unbound-control dump_requestlist, I get an empty list. I would think I would see the requests I made successfully on 127.0.0.1.

BTW, I have this in IPFW:

    allow udp from any to any dst-port 53 in

Any ideas why I can't get answers on the second IP?

-------------------------------------------------------------------------
shot through the heart ooh baby do you know what that's worth and you're to blame ooh heaven is a place on earth darling you give love they say in heaven love comes first a bad name we'll make heaven a place on earth ORBITAL "Halcyon Live"