Open popovr opened 1 year ago
Hello,
adding zones with 'unbound-control local_zone xxx.xxx. deny' randomly breakes local-data records. different zones being added break different records.
for example: adding 'test.com' breakes local-data record for 'weather.com'
unbound verions found to be affected: 1.17.0, 1.17.1 OS independent (tried freebsd 13.1, debian 7.11)
[root@rvp /home/rvp]# unbound-control reload ok [root@rvp /home/rvp]# unbound-control list_local_data | grep weather weather.com. 10900 IN A 127.0.0.1 [root@rvp /home/rvp]# nslookup weather.com. localhost Server: localhost Address: 127.0.0.1#53
Name: weather.com Address: 127.0.0.1
[root@rvp /home/rvp]# unbound-control local_zone test.net. deny ok [root@rvp /home/rvp]# nslookup weather.com. localhost Server: localhost Address: 127.0.0.1#53
[root@rvp /home/rvp]# unbound-control local_zone test.org. deny ok [root@rvp /home/rvp]# nslookup weather.com. localhost Server: localhost Address: 127.0.0.1#53
[root@rvp /home/rvp]# unbound-control local_zone test.com. deny ok [root@rvp /home/rvp]# nslookup weather.com. localhost Server: localhost Address: 127.0.0.1#53
Non-authoritative answer: Name: weather.com Address: 184.86.60.172
[root@rvp /home/rvp]# unbound-control list_local_data | grep weather weather.com. 10900 IN A 127.0.0.1 [root@rvp /home/rvp]#
[root@rvp /home/rvp]# unbound-control reload ok [root@rvp /home/rvp]# nslookup weather.com. localhost Server: localhost Address: 127.0.0.1#53
To reproduce
Expected behavior using unbound-control local_zone must not break local-data records.
System:
unbound -V
Version 1.17.1
Configure line: --with-libexpat=/usr/local --with-ssl=/usr --enable-dnscrypt --disable-dnstap --with-libnghttp2 --with-dynlibmodule --enable-ecdsa --disable-event-api --enable-gost --with-libevent --disable-subnet --disable-tfo-client --disable-tfo-server --with-pthreads --prefix=/usr/local --localstatedir=/var --mandir=/usr/local/man --infodir=/usr/local/share/info/ --build=amd64-portbld-freebsd13.1 Linked libs: libevent 2.1.12-stable (it uses kqueue), OpenSSL 1.1.1o-freebsd 3 May 2022 Linked modules: dns64 dynlib respip validator iterator DNSCrypt feature available
BSD licensed, see LICENSE in source package for details. Report bugs to unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues
Additional information Add any other information that you may have gathered about the issue here.
Cannot reproduce this neither on 1.17.1 nor on current master. More verbose output would help for this case if possible.
Hello,
adding zones with 'unbound-control local_zone xxx.xxx. deny' randomly breakes local-data records. different zones being added break different records.
for example: adding 'test.com' breakes local-data record for 'weather.com'
unbound verions found to be affected: 1.17.0, 1.17.1 OS independent (tried freebsd 13.1, debian 7.11)
[root@rvp /home/rvp]# unbound-control reload ok [root@rvp /home/rvp]# unbound-control list_local_data | grep weather weather.com. 10900 IN A 127.0.0.1 [root@rvp /home/rvp]# nslookup weather.com. localhost Server: localhost Address: 127.0.0.1#53
Name: weather.com Address: 127.0.0.1
[root@rvp /home/rvp]# unbound-control local_zone test.net. deny ok [root@rvp /home/rvp]# nslookup weather.com. localhost Server: localhost Address: 127.0.0.1#53
Name: weather.com Address: 127.0.0.1
[root@rvp /home/rvp]# unbound-control local_zone test.org. deny ok [root@rvp /home/rvp]# nslookup weather.com. localhost Server: localhost Address: 127.0.0.1#53
Name: weather.com Address: 127.0.0.1
[root@rvp /home/rvp]# unbound-control local_zone test.com. deny ok [root@rvp /home/rvp]# nslookup weather.com. localhost Server: localhost Address: 127.0.0.1#53
Non-authoritative answer: Name: weather.com Address: 184.86.60.172
[root@rvp /home/rvp]# unbound-control list_local_data | grep weather weather.com. 10900 IN A 127.0.0.1 [root@rvp /home/rvp]#
[root@rvp /home/rvp]# unbound-control reload ok [root@rvp /home/rvp]# nslookup weather.com. localhost Server: localhost Address: 127.0.0.1#53
Name: weather.com Address: 127.0.0.1
To reproduce
Expected behavior using unbound-control local_zone must not break local-data records.
System:
unbound -V
output:Version 1.17.1
Configure line: --with-libexpat=/usr/local --with-ssl=/usr --enable-dnscrypt --disable-dnstap --with-libnghttp2 --with-dynlibmodule --enable-ecdsa --disable-event-api --enable-gost --with-libevent --disable-subnet --disable-tfo-client --disable-tfo-server --with-pthreads --prefix=/usr/local --localstatedir=/var --mandir=/usr/local/man --infodir=/usr/local/share/info/ --build=amd64-portbld-freebsd13.1 Linked libs: libevent 2.1.12-stable (it uses kqueue), OpenSSL 1.1.1o-freebsd 3 May 2022 Linked modules: dns64 dynlib respip validator iterator DNSCrypt feature available
BSD licensed, see LICENSE in source package for details. Report bugs to unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues
Additional information Add any other information that you may have gathered about the issue here.