Thread: Unbound reverse-ptr stub-zone woes
View Single Post
  #1   (View Single Post)  
Old 9th August 2014
cmacrae cmacrae is offline
Real Name: Calum MacRae
New User
  
Join Date: Apr 2014
Location: UK
Posts: 4
Default Unbound reverse-ptr stub-zone woes
Hi guys,

Encountering a really annoying issue with Unbound that I'm hoping some of you may be able to help with.

I'm actually running unbound under an illumos zone on SmartOS, but, I've replicated the issue on OpenBSD, and figured posting in the OpenBSD section might get a bit more attention, the Solaris section seems a bit dead...

Of course, I feel this is more an issue with unbound itself.
Mods: feel free to move this post of course, apologies if I'm 'causing you any frustration.

I have the following line in my unbound.conf:
Code:
local-zone: "10.in-addr.arpa." nodefault
Related to the following stub-zone:
Code:
stub-zone:
                name: "10.in-addr.arpa."
                stub-addr: 10.19.3.11
This is supposed to forward reverse lookups for anything in 10.0.0.0/16 to an NSD instance I have running elsewhere.

Looking at the man page, at example configurations distributed with the package, at mailing lists and other online sources: this looks like it's exactly how it should be.

But, upon running the syntax-checker, it yields the following message:
Code:
/opt/local/etc/unbound/unbound.conf:41: error: syntax error
read /opt/local/etc/unbound/unbound.conf failed: 1 errors in configuration file
Line 41 is the local-zone mentioned above.

Does anybody have any clue what I'm doing wrong? 'Cause I sure can't!

Here's my entire config (with my domain replaced with "<domain>"):
Code:
server:
        num-threads: 1
        verbosity: 3
        logfile: "/opt/local/etc/unbound/log/unbound.log"
        interface: 10.19.3.12

        access-control: 127.0.0.0/8 allow
        access-control: 10.0.0.0/16 allow

        root-hints: "/opt/local/etc/unbound/root.hints"
        auto-trust-anchor-file: "/opt/local/etc/unbound/root.key"

        hide-identity: yes
        hide-version: yes
        harden-glue: yes
        harden-dnssec-stripped: yes
        use-caps-for-id: yes
        unwanted-reply-threshold: 10000
        val-clean-additional: yes

        cache-min-ttl: 3600
        cache-max-ttl: 86400
        prefetch: yes

        private-address: 172.16.0.0/12
        private-address: 10.0.0.0/16
        private-address: 192.254.0.0/16
        private-domain: "<domain>"

        include: "/opt/local/etc/unbound/adblock.conf"

        remote-control:
                control-enable: yes
                control-interface: 127.0.0.1

        forward-zone:
                name: "."
                forward-addr: 8.8.8.8
                forward-addr: 8.8.4.4

        local-zone: "10.in-addr.arpa." nodefault

        stub-zone:
                name: "<domain>"
                stub-addr: 10.19.3.11

        stub-zone:
                name: "10.in-addr.arpa."
                stub-addr: 10.19.3.11
Thanks in advance for any help on this, I'd really appreciate it!
Reply With Quote