Unbound undocumented fatal error, and a few questions



  • I managed to get an error that turns up zero results on Google. If someone has previously tried to set up authoritative redirects on domains using DNS forwarder or any other package that created Hosts entries in the router, then later switches to Unbound and puts similar records in the custom config, it's possible to get an undocumented fatal error (in the sense that pasting to Google doesn't seem to turn up an answer) and Unbound silently ends:

    unbound: [15826:0] error: local-data in redirect zone must reside at top of zone, not at <domain + dns data>

    I think what's happening is Unbound both imports the router's hosts file to its config as well as applying custom config, failing when they contain similar entries. Either that, or it imports from DNS forwarder (when forwarder is disabled).

    Also:

    • How do I view or clear pfsense's own hosts file and local DNS cache?

    • Unbound is creating unwanted entries for my LAN IPs and some WAN side IPs ("local-data-ptr: "x.x.x.x PC_NAME.DOMAIN"" etc). What's the necessary config code for Unbound to not create records for, or to refuse to act as a DNS server for, specific IP ranges?



  • @stilez:

    • How do I view or clear pfsense's own hosts file and local DNS cache?

    pfSense's hosts file is populated with the entries in the Host override section, and also with DHCP hosts if you have them added automatically.

    @stilez:

    • Unbound is creating unwanted entries for my LAN IPs and some WAN side IPs ("local-data-ptr: "x.x.x.x PC_NAME.DOMAIN"" etc). What's the necessary config code for Unbound to not create records for, or to refuse to act as a DNS server for, specific IP ranges?

    Delete the entries from your host and domain overrides as Unbound makes use of that to populate its entries.
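
A pre-flight check for the fatal error quoted in the first post, as an added example that is not part of the thread and is not pfSense or Unbound code: it scans merged configuration text for `local-data` records whose owner name sits below the apex of a `redirect` local-zone. The sample config and the function names are constructed for illustration; the parser assumes quoted `local-data` strings and does not follow `include:` lines.

```python
import re

# Constructed sample: host-override style records merged with custom options.
SAMPLE_CONF = '''\
server:
local-zone: "ads.example." redirect
local-data: "ads.example. A 10.0.0.1"
local-data: "www.ads.example. A 10.0.0.1"   # below the apex: fatal
local-zone: "lan.example." transparent
local-data: "pc1.lan.example. A 192.168.1.10"
'''

ZONE_RE = re.compile(r'^\s*local-zone:\s*"?([^"\s]+)"?\s+(\S+)')
DATA_RE = re.compile(r'^\s*local-data:\s*"([^"\s]+)\s')

def norm(name):
    """Lower-case and strip the trailing dot so names compare equal."""
    return name.lower().rstrip(".")

def find_redirect_conflicts(conf_text):
    """Return (line_no, owner, zone) for local-data below a redirect zone apex."""
    redirect_zones, records = set(), []
    for no, line in enumerate(conf_text.splitlines(), 1):
        line = line.split("#", 1)[0]  # naive comment strip (breaks on '#' in TXT data)
        m = ZONE_RE.match(line)
        if m:
            if m.group(2).lower() == "redirect":
                redirect_zones.add(norm(m.group(1)))
            continue
        m = DATA_RE.match(line)
        if m:
            records.append((no, norm(m.group(1))))
    # Zones are collected first so the check does not depend on line order.
    conflicts = []
    for no, owner in records:
        for zone in sorted(redirect_zones):
            if owner.endswith("." + zone):  # strictly below the apex
                conflicts.append((no, owner, zone))
    return conflicts

if __name__ == "__main__":
    for no, owner, zone in find_redirect_conflicts(SAMPLE_CONF):
        print(f"line {no}: {owner} is below redirect zone {zone}")
```

Run it over the concatenation of the generated host entries and the custom options, since the conflict only appears once both sources are merged.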

