Hi guys,
Encountering a really annoying issue with Unbound that I'm hoping some of you may be able to help with.
I'm actually running unbound under an illumos zone on SmartOS, but, I've replicated the issue on OpenBSD, and figured posting in the OpenBSD section might get a bit more attention, the Solaris section seems a bit dead...
Of course, I feel this is more an issue with unbound itself.
Mods: feel free to move this post of course, apologies if I'm 'causing you any frustration.
I have the following line in my unbound.conf:
Code:
local-zone: "10.in-addr.arpa." nodefault
Related to the following stub-zone:
Code:
stub-zone:
name: "10.in-addr.arpa."
stub-addr: 10.19.3.11
This is supposed to forward reverse lookups for anything in 10.0.0.0/16 to an NSD instance I have running elsewhere.
Looking at the man page, at example configurations distributed with the package, at mailing lists and other online sources: this looks like it's exactly how it should be.
But, upon running the syntax-checker, it yields the following message:
Code:
/opt/local/etc/unbound/unbound.conf:41: error: syntax error
read /opt/local/etc/unbound/unbound.conf failed: 1 errors in configuration file
Line 41 is the local-zone mentioned above.
Does anybody have any clue what I'm doing wrong? 'Cause I sure can't!
Here's my entire config (with my domain replaced with "<domain>"):
Code:
server:
num-threads: 1
verbosity: 3
logfile: "/opt/local/etc/unbound/log/unbound.log"
interface: 10.19.3.12
access-control: 127.0.0.0/8 allow
access-control: 10.0.0.0/16 allow
root-hints: "/opt/local/etc/unbound/root.hints"
auto-trust-anchor-file: "/opt/local/etc/unbound/root.key"
hide-identity: yes
hide-version: yes
harden-glue: yes
harden-dnssec-stripped: yes
use-caps-for-id: yes
unwanted-reply-threshold: 10000
val-clean-additional: yes
cache-min-ttl: 3600
cache-max-ttl: 86400
prefetch: yes
private-address: 172.16.0.0/12
private-address: 10.0.0.0/16
private-address: 192.254.0.0/16
private-domain: "<domain>"
include: "/opt/local/etc/unbound/adblock.conf"
remote-control:
control-enable: yes
control-interface: 127.0.0.1
forward-zone:
name: "."
forward-addr: 8.8.8.8
forward-addr: 8.8.4.4
local-zone: "10.in-addr.arpa." nodefault
stub-zone:
name: "<domain>"
stub-addr: 10.19.3.11
stub-zone:
name: "10.in-addr.arpa."
stub-addr: 10.19.3.11
Thanks in advance for any help on this, I'd really appreciate it!