Hallo,
ich habe schon im Internet geschaut und ich habe schon das Manual durchgegangen. Trotzdem bin ich zu keiner Lösung gekommen.
Die internen Domains löst Unbound 100% auf und des gibt keine Probleme.
Will ich aber zum Beispiel google.com auflösen kommt die Meldung SERVFAIL.
Kann irgendjemand den Fehler in der Konfigurationsdatei erkennen?
Danke
<Update vom 31.07.2016 11:30>
Ich hatte schon das Logfile aktiv gehabt. Es wurde nichts reingeschrieben. Die Logfile wure auch auf chmod 777 gesetzt!
Ich habe auch im Syslog geschaut.
</Update>
<Update 31.07.2016>
/etc/init.d/unbound status ergab:
Jul 31 12:31:10 raspberrypi unbound[3345]: [3345:0] notice: init module 1: iterator
Jul 31 12:31:10 raspberrypi unbound[3345]: [3345:0] info: start of service (unbound 1.4.22).
Jul 31 12:31:10 raspberrypi unbound[3345]: [3345:0] info: failed to prime trust anchor -- DNSKEY rrset is not secure . DNSKEY IN
Jul 31 12:31:10 raspberrypi unbound[3345]: [3345:0] info: failed to prime trust anchor -- DNSKEY rrset is not secure . DNSKEY IN
Jul 31 12:31:10 raspberrypi unbound[3345]: [3345:0] info: failed to prime trust anchor -- DNSKEY rrset is not secure . DNSKEY IN
Jul 31 12:31:10 raspberrypi unbound[3345]: [3345:0] info: failed to prime trust anchor -- DNSKEY rrset is not secure . DNSKEY IN
Jul 31 12:31:10 raspberrypi unbound[3345]: [3345:0] info: failed to prime trust anchor -- DNSKEY rrset is not secure . DNSKEY IN
Jul 31 12:31:10 raspberrypi unbound[3345]: [3345:0] info: failed to prime trust anchor -- DNSKEY rrset is not secure . DNSKEY IN
Jul 31 12:31:10 raspberrypi unbound[3333]: Starting recursive DNS server: unbound.
Jul 31 12:31:10 raspberrypi systemd[1]: Started (null).
</Update>
<Update 31.07.2016 13:06> Die Configdatei unbound.conf wurde so geändert:
include: "/etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf"
server:
#auto-trust-anchor-file: "/var/lib/unbound/root.key"
</Update>
etc/unbound/unbound.conf:
include: "/etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf"
server:
#auto-trust-anchor-file: "/var/lib/unbound/root.key"
#root dns list
root-hints: "/etc/unbound/root.hints"
#listen on all interfaces
interface: 0.0.0.0
do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
#allow only local/lan access
access-control: 127.0.0.0/8 allow
access-control: 192.168.188.0/24 allow
access-control: 0.0.0.0/0 refuse
#my domain name and the available hosts
#private-domain: "de."
#include: /etc/unbound/forwardde.conf
#include: /etc/unbound/reversede.conf
#my domain name and the available hosts
private-domain: "lan."
include: /etc/unbound/forwardlan.conf
include: /etc/unbound/reverselan.conf
#my domain name and the available hosts
private-domain: "box."
include: /etc/unbound/forwardbox.conf
include: /etc/unbound/reversebox.conf
#my domain name and the available hosts
private-domain: "repeater."
include: /etc/unbound/forwardrepeater.conf
include: /etc/unbound/reverserepeater.conf
# Domains, inklusive deren Subdomains, die nicht aufgelöst werden dürfen (Z.B.
# doubleclick.net).
# local-zone: "example.com" refuse
remote-control:
control-enable: no
#forward anything else to google dns server
forward-zone:
name: "."
forward-addr: 8.8.4.4
forward-addr: 8.8.8.8
Alles anzeigen
etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf: