Given a resolv.conf that looks like nameserver 2001:db8:6:5:4:3:2:1 options edns0 running local-unbound-setup produces a file /etc/unbound/forward.conf that looks like this: # This file was generated by local-unbound-setup. # Modifications will be overwritten. forward-zone: name: . Notably missing is a line on the end that should look like forward-addr: 2001:0db8:6:5:4:3:2:1 If the ipv6-adress contains the sequence "::" the script works as expected.
This worked in FreeBSD 11.3, so we have a regression here.
Created attachment 223112 [details] Patch to /usr/sbin/local-unbound-setup
Hey folks, I attached a patch - please give this a higher priority. I just wasted half a working day searching for a problem in my Ansible code until I found that local-unbound-setup is broken and finally this bug report. Global unicast addresses do not in general contain the string '::' ;-) Kind regards, Patrick
Sorry - messed it up. The proposed patch now only works if there is *no* '::' in the address. Uploading a fixed one.
Created attachment 223114 [details] Fixed patch to /usr/sbin/local-unbound-setup
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=e5f02c140bf1e519a95bd6331382e8a2a1b6219f commit e5f02c140bf1e519a95bd6331382e8a2a1b6219f Author: Dag-Erling Smørgrav <des@FreeBSD.org> AuthorDate: 2021-03-10 14:01:38 +0000 Commit: Dag-Erling Smørgrav <des@FreeBSD.org> CommitDate: 2021-03-10 15:53:22 +0000 Fix local-unbound setup for some IPv6 deployments. PR: 250984 MFC after: 1 week usr.sbin/unbound/setup/local-unbound-setup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
A commit in branch stable/13 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=34e12e9a177a1d2386a855eb5a497f6f8a680180 commit 34e12e9a177a1d2386a855eb5a497f6f8a680180 Author: Dag-Erling Smørgrav <des@FreeBSD.org> AuthorDate: 2021-03-10 14:01:38 +0000 Commit: Glen Barber <gjb@FreeBSD.org> CommitDate: 2021-03-24 00:53:35 +0000 MFC: Fix local-unbound setup for some IPv6 deployments. On behalf of: des PR: 250984 (cherry picked from commit e5f02c140bf1e519a95bd6331382e8a2a1b6219f) usr.sbin/unbound/setup/local-unbound-setup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
A commit in branch releng/13.0 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=e011488bae5ae688a839e77b77e15f2231a5c148 commit e011488bae5ae688a839e77b77e15f2231a5c148 Author: Dag-Erling Smørgrav <des@FreeBSD.org> AuthorDate: 2021-03-10 14:01:38 +0000 Commit: Glen Barber <gjb@FreeBSD.org> CommitDate: 2021-03-24 01:47:57 +0000 MFC: Fix local-unbound setup for some IPv6 deployments. On behalf of: des PR: 250984 Sponsored by: Rubicon Communications, LLC ("Netgate") Approved by: re (cperciva) (cherry picked from commit e5f02c140bf1e519a95bd6331382e8a2a1b6219f) (cherry picked from commit 34e12e9a177a1d2386a855eb5a497f6f8a680180) usr.sbin/unbound/setup/local-unbound-setup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
^Triage: Tracker merges so far. Does this still need to go to stable/12?
This bug breaks production, so we would really appreciate an MFC to RELENG_12. Currently we are manually patching the script for each new server.
A commit in branch stable/12 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=c7fa58420aa2b9e0d172717f7affe3fa2d11d15a commit c7fa58420aa2b9e0d172717f7affe3fa2d11d15a Author: Dag-Erling Smørgrav <des@FreeBSD.org> AuthorDate: 2021-03-10 14:01:38 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2021-07-20 13:15:21 +0000 Fix local-unbound setup for some IPv6 deployments. PR: 250984 MFC after: 1 week usr.sbin/unbound/setup/local-unbound-setup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Wolfgang, can you confirm that this can be closed?
I just checked, the problem is fixed in 13.0-RELEASE-p4 and 12.2-STABLE, it is not fixed in 12.2-RELEASE-p10. Probably not a big deal, as the EOL for 12.2 is only some 4 months away.
12.3 will have the fix and is expected in early December. I think we can close this.