Can't resolve domain with fresh install local_unbound service

[jazzi]

It's a fresh installation of FreeBSD 14.3 and local_unbound service was checked, after rebooting I found `pkg` doesn't work and finally found it's because of local_unbound service doesn't work.

# ping -c 1 freebsd.org
ping: cannot resolve freebsd.org: Address family for hostname not supported

# service local_unbound status
local_unbound is running as pid 3377.

Tried command

local-unbound-setup 180.76.76.76

but didn't work.
Hereby is some information.

ls /etc/unbound
conf.d    forward.conf    root.key
control.conf    lan-zones.conf    unbound.conf

# cat unbound.conf

# This file was generated by local-unbound-setup.
# Modifications will be overwritten.
server:
    username: unbound
    directory: /var/unbound
    chroot: /var/unbound
    pidfile: /var/run/local_unbound.pid
    auto-trust-anchor-file: /var/unbound/root.key
include: /var/unbound/forward.conf
include: /var/unbound/lan-zones.conf
include: /var/unbound/control.conf
include: /var/unbound/conf.d/*.conf

root@rob:/etc/unbound # cat forward.conf
# This file was generated by local-unbound-setup.
# Modifications will be overwritten.
forward-zone:
    name: .
    forward-addr: 180.76.76.76

# cat /etc/resolv.conf

# Generated by resolvconf
# nameserver 192.168.31.1
nameserver 127.0.0.1
options edns0

Either fix this unbound problem or get rid of unbound is ok, just don't know where to go, please let me know if any more information needed.

Thank you.

 

[SirDice]

ping: cannot resolve freebsd.org: Address family for hostname not supported

You get this type of error message when the hostname resolves to an IPv6 address but the system has no IPv6 enabled. Strange because the domain has both an IPv4 and IPv6 address, so it should simply use IPv4 if there's no IPv6 available.

What does drill @127.0.0.1 freebsd.org return?

Edit: Try removing that options edns0 line from /etc/resolv.conf. If I remember correctly that option requires some additional setting up in the unbound config.

 

[jazzi]

What does drill @127.0.0.1 freebsd.org return?

# drill @127.0.0.1 freebsd.org
Error: error sending query: Could not send or receive, because of network error

This FreeBSD node locates in home lan, I can ssh into it through my laptop wifi and this FreeBSD uses DHCP to obtain ip address.


options edns0


removed.
Yes SirDice, my system only enabled IPv4.

 

[SirDice]

# drill @127.0.0.1 freebsd.org Error: error sending query: Could not send or receive, because of network error

You have a seriously bad configured network if 127.0.0.1 cannot be reached. Is this a jail perhaps? A non-VNET jail won't have access to lo0.

 

[jazzi]

Is this a jail perhaps? A non-VNET jail won't have access to lo0.

No, it's not a jail, it's barebones, seems have to reinstall it sighhhhhh

Oh no I don't want to reinstall, so I stopped local_unbound service and followed the handbook to set static IPv4 address and restart netif & routing, now everything works fine as below.

# ping -c1 www.freebsd.org

PING www.freebsd.org (210.231.212.93): 56 data bytes
64 bytes from 210.231.212.93: icmp_seq=0 ttl=43 time=273.910 ms
--- www.freebsd.org ping statistics ---

1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 273.910/273.910/273.910/0.000 ms

Just be curious, why local unbound doesn't work?

 

[T-Aoki]

If I recall correctly, configurations in /etc/resolv.conf is deleted and moved into /var/unbound/forward.conf when local-unbound-setup is run.

So if /etc/resolv.conf was NOT configured properly at the first point, possibly proper /var/unbound/forward.conf is NOT generated.

 

[scottro]

I've found that at first reboot, I always have to add another nameserver. Someone, when I asked, said this was normal, I can't find the thread now. But unbound has to build a up a cache. (however, this seems to disagree with what people who know a lot more than me are saying, so, take it with a grain of salt.)]

Ah, here's my old thread. https://forums.freebsd.org/threads/question-on-included-unbound.98875/

However, I just quickly set up a VM and if I remembered to run local-unbound-setup it put the nameserver I use in /var/unbound/forward.conf. So,it may be necessary to run

local-unbound-setup

before relying on it.

 

[SirDice]

seems have to reinstall it sighhhhhh

No. Stop treating it as if it's Windows. There's zero reason for reinstalling the entire OS due to a configuration error. Just fix the configuration.

 

[facedebouc]

Do you have security/ca_root_nss installed ?

 

[jazzi]

I've found that at first reboot, I always have to add another nameserver. Someone, when I asked, said this was normal, I can't find the thread now. But unbound has to build a up a cache. (however, this seems to disagree with what people who know a lot more than me are saying, so, take it with a grain of salt.)]

Ah, here's my old thread. https://forums.freebsd.org/threads/question-on-included-unbound.98875/

However, I just quickly set up a VM and if I remembered to run local-unbound-setup it put the nameserver I use in /var/unbound/forward.conf. So,it may be necessary to run

local-unbound-setup

before relying on it.

I ever read your post and tried the command local_unbound_forwarders but didn't work. Anyway, thank you all.

 

[scottro]

No, the command is

 local-unbound-setup

and then see if there's a working nameserver in /var/unbound/forward.conf

In other words, during installation, I specify a nameserver, say 192.168.1.146. Then, later in the install, I choose to use local-unbound, where you have that list of things to check or uncheck. Then, install is done, I reboot. Now, *before* I use pkg to download anything (after the reboot), I run

local-unbound-setup

. After doing that, if I look at /var/unbound/forward.conf I see that it shows 192.168.1.146 as a forwarder.