Bug 3494 – [BUG] View-First has no effect on configuration

Bug 3494 - [BUG] View-First has no effect on configuration


Summary:	[BUG] View-First has no effect on configuration

Status:	RESOLVED FIXED

Product:	unbound
Classification:	Unclassified
Component:	server
Version:	1.6.7
Hardware:	x86_64 Windows

Importance:	P5 major
Assigned To:	unbound team

URL:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2018-02-17 06:45 CET by GΛVĪN
Modified:	2018-02-20 00:44 CET (History)
CC List:	2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description GΛVĪN 2018-02-17 06:45:43 CET

I have the following config (excerpt-only):
server:
	access-control-view: 192.168.1.1/32 me
	local-zone: "me.local." static
	local-data: "a.me.local. A 1.1.1.1"
	local-data: "b.me.local. A 3.3.3.3"
		
view:
	name: "me"
	view-first: yes
	local-zone: "me.local." static
	local-data: "a.me.local. A 2.2.2.2"


When making a query from 192.168.1.2 to the server 192.168.1.1 listening on 0.0.0.0 I receive the expected answers for a.me.local. (1.1.1.1) and b.me.local. (3.3.3.3)

When making a query from the server itself using 192.168.1.1 (not 127.0.0.1) I get the expected response for a.me.local. (2.2.2.2) however a query for b.me.local. yields NXDOMAIN.

As I understand the documentation the view-first parameter is supposed to fall-back to the global configuration for queries which cannot be answered from the view specific data.  This is not the case.

Also, changing the parameter to no or removing it entirely produces exactly the same results.

Comment 1 GΛVĪN 2018-02-17 06:50:31 CET

Please note, this also occurs in 1.6.8.

Comment 2 Wouter Wijngaards 2018-02-19 11:04:31 CET

Hi Gavin,

The fallback seems to be for the entire zone, not per record.  So it'll fallback for 'me.local', but there is a me.local in view 'me'.  So, it uses the local-zone  from the view 'me'.

If you made the local-zones specific for a.me.local, it would see that b.me.local is not covered by a zone in view me, and fallback.

So change the local-zone line in view me to
local-zone: "a.me.local." static

If you have a zone for 'me.local' in view me, there is no way to do this right now.  There would need to be a 'hole' in the view for b.me.local, with some (to-be-created) local zone type to do that.  local-zone: "me.local" static and then local-zone "b.me.local" noview  (is "noview" useful here?)

Best regards, Wouter

Comment 3 Wouter Wijngaards 2018-02-19 13:14:18 CET

Hi,

Resolved this by implementing type noview.  In the view 'me', create an entry local-zone: "b.local.me" noview

Best regards, Wouter

Comment 4 GΛVĪN 2018-02-20 00:44:25 CET

(In reply to Wouter Wijngaards from comment #3)
> Hi,
> 
> Resolved this by implementing type noview.  In the view 'me', create an
> entry local-zone: "b.local.me" noview
> 
> Best regards, Wouter

Thanks Wouter, i'll try this out soon.