regression in 1.8.x from 1.7.3

Andreas Pflug pgadmin at pse-consulting.de
Sat Dec 29 12:29:56 CET 2018


I'm running unbound as resolver on routers for some years now, with some
local domain overrides. On the router, bind912 is installed as secondary
authoritative server for the local zones serving on port 5053, so the
unbound config has "do-not-query-localhost: no" and the appropriate
forward zones to 127.0.0.1 at 5053.

This setup worked like a charm up to unbound 1.7.3. After upgrading to
1.8.1 /1.8.2, the unbound process will stop resolving local domains from
the override after some minutes. Older requests are served correctly
from cache, but newer ones are queried from upstream, which fails of
course with an unknown TLD. flushing the local domain, all following
requests will go upstream. Nothing is logged.

Restarting the unbound process will heal the situation for some minutes,
but then the problem rises again. Replacing the unbound binary with the
1.7.3 version fixes the problem.

The routers are opnSense AMD64 (18.1 had the 1.7.3 unbound, 18.7 has
unbound 1.8.1 and 1.8.2 in the latest version)

Regards

Andreas



More information about the Unbound-users mailing list