unbound help request: configuring local-void.zones gives syntax error

[gfoster]

Trying to set up local-void.zones on FreeBSD 13.1-p3, install from package went OK, as did running
void-zones-update.sh, resulting files all appear to be in the right place. Excerpt from /usr/local/etc/unbound/unbound.conf:

# tail -5 unbound.conf
include: /var/unbound/local-void.zones
include: /var/unbound/lan-zones.conf
include: /var/unbound/control.conf
include: /var/unbound/conf.d/*.conf
include: /var/unbound/forward.conf

However, unbound-checkconf results in:

# unbound-checkconf
/var/unbound/local-void.zones:1: error: syntax error
read /usr/local/etc/unbound/unbound.conf failed: 1 errors in configuration file

but to my eye /var/unbound/local-void.zones looks fine:

# head /var/unbound/local-void.zones
local-zone: "sdk.iappgame.com" static
local-zone: "education-securiter-routiere.fr" static
local-zone: "click.silvercash.com" static
local-zone: "kilomniadst.info" static
local-zone: "mic.mob.com" static
local-zone: "homify.com.mx" static
local-zone: "completecabbage.com" static
local-zone: "republika.onet.pl" static
local-zone: "preview.msn.com" static
local-zone: "pos.baidu.com" static

In case some are confused upon close reading of path names in the above, I offer this explanation:

# ls -ld /usr/local/etc/unbound
lrwxr-xr-x  1 unbound  wheel  12 Nov  6 20:27 /usr/local/etc/unbound -> /var/unbound

What am I missing?

 

[gfoster]

After looking around the forum a little, it appears taht this might be better placed in the Web and network services sub-forum. If so, how do I get it moved?

 

[chrbr]

but to my eye /var/unbound/local-void.zones looks fine:

Yes, it looks fine. My suggestion is to copy the original file to a safe place. Then delete almost everything in the config file and run the check again. If the result is ok, then one or more lines in the original file are not as expected. If the check result is not ok, then the issue is elsewhere.

 

[gfoster]

I am well aware that line numbers in error reports can't always be trusted as e.g. an extra quote many lines earlier not being closed finally gets noticed by the parser. I am not seeing a way in the docs to level up debugging messages, is this something that can be done?

Also, while I am getting acquainted with unbound (been running BIND for decades), what is the difference between the local_unbound service and the unbound service? Just guessing here...local_unbound only answers queries from localhost? (but maybe there's more to it than that).

 

[SirDice]

what is the difference between the local_unbound service and the unbound service?

Local_unbound is included with the base OS, the other is installed as a port/package. Mostly the same version but the port version allows you to enable features which might be disabled on the one included with the base.

Just guessing here...local_unbound only answers queries from localhost?

Previous versions of FreeBSD had BIND included with the base OS. BIND got replaced with unbound, somewhere around FreeBSD 9.0 if I recall correctly. The default configuration of BIND was set up as a caching, forwarding DNS server. The local_unbound replacement is configured in the same way, as a caching forwarding server.

 

[chrbr]

ust guessing here...local_unbound only answers queries from localhost? (but maybe there's more to it than that).

Yes, at least this is the information I had when starting with unbound. I have unbound listening on lo1 which allows jails to use the unbound on the host.