Netgate Discussion Forum

Unable to set custom unbound options

DHCP and DNS
  • F
    fdfdfff2
    last edited by May 13, 2024, 3:08 AM

    I have a domain I own and use valid certificates for, to serve resources locally.

    I have had a custom option set on the unbound DNS resolver (Display Custom Options -> Custom Options), which contained the following:

    local-zone: "asd.com." redirect
    local-data: "asd.com. IN A 192.168.30.100"
    

    So any internal lookups for whatever.asd.com would direct to 192.168.30.100.

    This has all worked fine for months, however today when I try to edit any unbound settings, I receive an error message:

    The following input errors were detected:
    
    The generated config file cannot be parsed by unbound. Please correct the following errors:
    /var/unbound/test/unbound.conf:116: error: syntax error
    read /var/unbound/test/unbound.conf failed: 1 errors in configuration file
    

    The line numbers match with the Custom Options data added above.

    I performed some debugging by manually editing /var/unbound/unbound.conf and reloading it (unbound-control -c /var/unbound/unbound.conf reload), and it appears the issue is due to where in the unbound.conf file the custom options are added.

    If I add the exact same lines higher in the configuration file (but still under the server: directive), the service and configuration works as intended - I'm not sure what has changed or what is causing this syntax error.

    Manual edits are fine to debug and temporarily fix internal resolutions, but pfSense will overwrite the unbound.conf file and my changes are lost. I also don't want to manually add host overrides for all internal services, I want to use the wildcard configuration.

    Can someone assist me on how to retain the persistent changes for unbound? Or does anyone have any ideas on what is causing the syntax error?

    I also use pfBlockerNG, which may be related.

    G 1 Reply Last reply May 13, 2024, 5:47 AM Reply Quote 0
    • G
      Gertjan @fdfdfff2
      last edited by May 13, 2024, 5:47 AM

      @fdfdfff2 said in Unable to set custom unbound options:

      I have had a custom option set on the unbound DNS resolver (Display Custom Options -> Custom Options), which contained the following:

      local-zone: "asd.com." redirect
      local-data: "asd.com. IN A 192.168.30.100"

      So any internal lookups for whatever.asd.com would direct to 192.168.30.100.

      Try this:
      unbound local-data and look at the first link proposed.

      From what I recall, local-data and local-zone options need to be in a server: block, like this (see link for example).

      If this was working before, this means you had the "server:" line at the top, and managed to remove it?

      But why use the custom options?
      Create a DNS override (?!):

      1b40db9a-9902-46a8-bc0d-859421094326-image.png

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      1 Reply Last reply Reply Quote 0
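
The point above about local-zone and local-data needing a server: clause, as an added example that is not part of the thread or pfSense's own code: a small Python lint that tracks which unbound.conf clause is in effect and reports local-zone/local-data lines that fall outside server: or view:. The function name is hypothetical and the sample configuration is constructed for illustration, not a real generated file.

```python
# Added example: flag local-zone/local-data lines outside a server:/view: clause.
# Clause openers per unbound.conf(5); an attribute belongs to the latest one.
CLAUSES = {"server", "remote-control", "forward-zone", "stub-zone", "auth-zone",
           "view", "python", "dynlib", "cachedb", "dnscrypt", "dnstap", "rpz"}
LOCAL_OK = {"server", "view"}            # clauses that accept local-* options
LOCAL_ATTRS = {"local-zone", "local-data", "local-data-ptr"}


def misplaced_local_options(conf_text, initial_clause=None):  # hypothetical name
    """Return [(line_no, attribute, clause_in_effect)] for misplaced options."""
    clause, findings = initial_clause, []
    for line_no, raw in enumerate(conf_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if key in CLAUSES and (not value or value.startswith("#")):
            clause = key                 # a bare "name:" opens a new clause
        elif key in LOCAL_ATTRS and clause not in LOCAL_OK:
            findings.append((line_no, key, clause))
    return findings


# Constructed sample (not a real pfSense-generated file): the custom options
# from the thread end up after a non-server clause has been opened.
SAMPLE_BROKEN = """\
server:
    interface: 127.0.0.1
remote-control:
    control-enable: yes
local-zone: "asd.com." redirect
local-data: "asd.com. IN A 192.168.30.100"
"""
# Same options, but the custom fragment reopens the server: clause first.
SAMPLE_FIXED = SAMPLE_BROKEN.replace("local-zone:", "server:\nlocal-zone:", 1)

if __name__ == "__main__":
    for name, text in (("broken", SAMPLE_BROKEN), ("fixed", SAMPLE_FIXED)):
        print(name, misplaced_local_options(text))
```

unbound-checkconf remains the authoritative parser; this lint only shows why the same two lines are accepted or rejected depending on where they land in the file.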
      • F
        fdfdfff2
        last edited by May 13, 2024, 5:57 AM

        I like using the wildcard rather than host overrides, since I need to add one for every service - rather than a wildcard which is more dynamic.

        I didn't change anything about the configuration or setup from the Custom Options - not sure why/what changed for the configuration to no longer work.

        G 1 Reply Last reply May 13, 2024, 7:09 AM Reply Quote 0
        • G
          Gertjan @fdfdfff2
          last edited by May 13, 2024, 7:09 AM

          @fdfdfff2 said in Unable to set custom unbound options:

          not sure why/what changed for the configuration to no longer work

          What changed is clear now.
          This works for me:

          ac97d3dd-173f-49c1-be94-1a02ff9cf0db-image.png

          Fact check:

          C:\Users\Gauche>nslookup asd.com
          Serveur :   pfSense.bhf.tld
          Address:  2a01:cb19:dead:beef:92ec:77ff:fe29:392c
          
          Nom :    asd.com
          Address:  192.168.30.100
          

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          F 1 Reply Last reply May 13, 2024, 7:33 AM Reply Quote 1
          • F
            fdfdfff2 @Gertjan
            last edited by May 13, 2024, 7:33 AM

            Perfect - you are right, thanks so much!

            1 Reply Last reply Reply Quote 0