Hi!
I am using unbound for DNS over TLS from 2019 and I didn't have problem butfrom the last update I got:
And unbound.conf:
I didn't change anything in the settings. What should be wrong, please?
Thank you.
I am using unbound for DNS over TLS from 2019 and I didn't have problem butfrom the last update I got:
Code:
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:503:c27::2:30 port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:9f::42 port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:200::b port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:9f::42 port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:2::c port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:200::b port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:1::53 port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:12::d0d port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:2f::f port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:7fd::1 port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:503:ba3e::2:30 port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:dc3::35 port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:7fe::53 port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:a8::e port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:503:c27::2:30 port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:2d::d port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:1::53 port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:2f::f port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:a8::e port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:503:ba3e::2:30 port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:7fe::53 port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:200::b port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:2::c port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:12::d0d port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:dc3::35 port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:2d::d port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:7fd::1 port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:503:c27::2:30 port 53
[1608331195] libunbound[20481:0] error: udp connect failed: No route to host for 2001:500:9f::42 port 53
Code:
server:
port: 53
username: unbound
module-config: "validator iterator"
access-control: 127.0.0.1 allow
access-control: 192.168.0.0/16 allow
# access-control: fddd::/48 allow
# unblock-lan-zones: yes
# insecure-lan-zones: yes
aggressive-nsec: yes
cache-max-ttl: 14400
cache-min-ttl: 1200
directory: /usr/local/etc/unbound
chroot: /usr/local/etc/unbound
# root-hints: /usr/local/etc/unbound/root.hints
auto-trust-anchor-file: /usr/local/etc/unbound/root.key
include: /usr/local/etc/unbound/blacklist.conf
logfile: /usr/local/etc/unbound/unbound.log
log-time-ascii: yes
val-log-level: 2
use-syslog: no
do-ip4: yes
do-ip6: no
do-tcp: yes
do-udp: yes
hide-identity: yes
hide-version: yes
qname-minimisation: yes
minimal-responses: yes
harden-glue: yes
harden-dnssec-stripped: yes
disable-dnssec-lame-check: yes
interface: 127.0.0.1
interface: ::0
pidfile: /var/run/unbound.pid
prefetch: yes
prefetch-key: yes
rrset-roundrobin: yes
val-clean-additional: yes
unwanted-reply-threshold: 10000
tls-cert-bundle: "/usr/local/share/certs/ca-root-nss.crt"
use-caps-for-id: yes
# Unbound from pkg built with libevent; increase threads and slabs to the
# number of real cpu cores to reduce lock contention. Increase cache size to
# store more records and allow each thread to serve an increased number of
# concurrent client requests.
num-threads: 4
# msg-cache-slabs: 4
# rrset-cache-slabs: 4
# infra-cache-slabs: 4
# key-cache-slabs: 4
# msg-cache-size: 256M
# rrset-cache-size: 512M
# outgoing-range: 8192
# num-queries-per-thread: 4096
# forward-addr format must be ip "@" port number "#" followed by the valid public hostname
# in order for unbound to use the tls-cert-bundle to validate the dns server certificate.
forward-zone:
name: "."
forward-tls-upstream: yes
forward-addr: 80.241.218.68@853 # fdns1.dismail.de
forward-addr: 159.69.114.157@853 # fdns2.dismail.de
forward-addr: 146.255.56.98@853 # dot1.applied-privacy.net
Thank you.