Unbound requests: IPv6 features enabled and update to 1.4.10
-
Failed again for me, reinstalling seems to get forwarding mode enabled even though i had it disabled. Unchecking and hitting save has no effect, always remains enabled. Deleted package, then downloaded the backup config file and edited it to remove all Unbound entries and then restored the config, reinstalled Unbound but same thing, forwarding mode remains enabled.
-
@onhel:
Failed again for me, reinstalling seems to get forwarding mode enabled even though i had it disabled. Unchecking and hitting save has no effect, always remains enabled. Deleted package, then downloaded the backup config file and edited it to remove all Unbound entries and then restored the config, reinstalled Unbound but same thing, forwarding mode remains enabled.
You mean the DNS Forwarder i.e. dnsmasq remains enabled?
-
No, the enable forwarding mode in the Unbound settings page. That check box will not go unchecked.
-
Yes, same issue on mainstream 2.0 RC3 Unbound 1.4.10_02 either with Firefox or Chrome (Iron)
Those boxes stay checked :- Enable DNSSEC
- Enable forwarding mode
- Private Address support
- TXT Comment Support
-
@GLR:
Yes, same issue on mainstream 2.0 RC3 Unbound 1.4.10_02 either with Firefox or Chrome (Iron)
Those boxes stay checked :- Enable DNSSEC
- Enable forwarding mode
- Private Address support
- TXT Comment Support
So you can uncheck the box - but after you click save it is still checked? Or you cant uncheck the box at all?
-
Yeah I just checked on the forwarding one.. I do not want it to doing forwarding requests. I should look up on its own, I uncheck the box click save and then box is still checked. Seems I might have to change it in the config by hand for now.
Ok I just took a look at the config and I don't see forwarding setup.. So not sure why the check mark is set on the web gui interface for unbound?
I also verified by doing a few packet captures on the wan to see where dns was going.. And did not see any packets to what I have setup for pfsense to use in general 4.2.2.2
09:01:43.491932 IP 24.13.xxx.xxx.48910 > 192.5.6.30.53: UDP, length 55
09:01:43.564438 IP 192.5.6.30.53 > 24.13.xxx.xxx.48910: UDP, length 382
09:01:43.565179 IP 24.13.xxx.xxx.15487 > 216.69.185.26.53: UDP, length 55
09:01:43.565470 IP 24.13.xxx.xxx.7590 > 216.69.185.35.53: UDP, length 51
09:01:43.565709 IP 24.13.xxx.xxx.25867 > 216.69.185.35.53: UDP, length 51
09:01:43.603711 IP 216.69.185.26.53 > 24.13.xxx.xxx.15487: UDP, length 126
09:01:43.604282 IP 24.13.xxx.xxx.50531 > 216.69.185.26.53: UDP, length 51192.5.6.30 = a.gtld-servers.net.
And then others are clearly dns servers themselves – so clearly its not forwarding to the 4.2.2.2 address I have setup in general.. But odd why the check mark in the gui is stuck in place.
-
Ok i just managed to replicate the problem. Let me investigate why…
-
Ok there was a change in pfSense a few days ago, I have reverted that change so upgrade to the next snap (which will probably be only available tomorrow). This will fix these checkboxes from been enabled when they shouldn't be. In the meantime, you can uncheck them and save. Unbound will still operate correctly in the background with the options you selected.
-
Do you have link to the commit, guess I could look it up but wondering when it will merge with the ipv6 line. So I can run just run a gitsync
-
gitsynced and reinstalled package, all is good now, thank you.
-
Do you have link to the commit, guess I could look it up but wondering when it will merge with the ipv6 line. So I can run just run a gitsync
https://github.com/bsdperimeter/pfsense/commit/91c31339104f424dad3de75f815697994b68a7c3
-
Thanks for that, I ran a gitsync and now that forwarder is unchecked. I also show RC3 now ;)
-
Yeah the IPv6 branch was updated yesterday. Also note there was a bug in the interface handling on the latest Unbound package, which I have just fixed and bumped the version number. It wouldn't have affected you unless you were selecting multiple interfaces.