Control: severity -1 normal Control: tag -1 + moreinfo unreproducible
On Wed, 12 Jun 2024 15:13:25 +0200 Vincent Lefevre <vinc...@vinc17.net> wrote:
Package: unbound Version: 1.20.0-1 Severity: grave Justification: renders package unusable I've just installed unbound on a new machine to avoid bug 1070120. With /etc/resolv.conf containing only nameserver 127.0.0.1 I get SERVFAIL for every request. For instance: $ host google.com Host google.com not found: 2(SERVFAIL)
You have to be much more specific and provide at least some debugging when filing such bug reports. By doing it this way, filing a grave bug without any extra info, you just reduce willingness to deal with your report, basically putting it to the end of the TODO queue. Unbound works just fine for me and for lots of other users. Common issue when it does not work is when your network filters access to outside DNS services (redirecting port 53 traffic to local nameservers for example), or filters DNSSEC packets. There might be other issues in the local network preventing unbound from working. Unlike most other "simple" DNS resolvers out there, unbound is not a stub resolver, it is a full-featured resolver. And as such, it requires unrestricted access to all nameservers worldwide, starting with the root zone. You can turn on debugging and take a look at the logs. Or just take a look at the logs with default debug level - I bet you'll find out that unbound can't verify DNSSEC. /mjt
