Bug 250984

Summary:

local-unbound-setup does not work with ipv6 forwarders without "::" in address

Product:

Base System

Reporter:

wolfgang

Component:

misc

Assignee:

Dag-Erling Smørgrav <des>

Status:

Closed FIXED

Severity:

Affects Some People

CC:

des, liedtke, mops, pmh

Priority:

---

Keywords:

regression

Version:

12.2-RELEASE

Flags:

koobs: mfc-stable13+
koobs: mfc-stable12?
koobs: mfc-stable11-

Hardware:

Any

OS:

Any

Attachments:

Description	Flags
Patch to /usr/sbin/local-unbound-setup	none
Fixed patch to /usr/sbin/local-unbound-setup	none

Description wolfgang 2020-11-09 16:13:22 UTC

Given a resolv.conf that looks like

nameserver 2001:db8:6:5:4:3:2:1
options edns0

running local-unbound-setup produces a file /etc/unbound/forward.conf that looks like this:

# This file was generated by local-unbound-setup.
# Modifications will be overwritten.
forward-zone:
        name: .

Notably missing is a line on the end that should look like

        forward-addr: 2001:0db8:6:5:4:3:2:1

If the ipv6-adress contains the sequence "::" the script works as expected.

Comment 1 wolfgang 2020-11-09 23:51:19 UTC

This worked in FreeBSD 11.3, so we have a regression here.

Comment 2 Patrick M. Hausen 2021-03-09 10:33:33 UTC

Created attachment 223112 [details]
Patch to /usr/sbin/local-unbound-setup

Comment 3 Patrick M. Hausen 2021-03-09 10:35:41 UTC

Hey folks,

I attached a patch - please give this a higher priority. I just wasted half a working day searching for a problem in my Ansible code until I found that local-unbound-setup is broken and finally this bug report.

Global unicast addresses do not in general contain the string '::' ;-)

Kind regards,
Patrick

Comment 4 Patrick M. Hausen 2021-03-09 10:46:25 UTC

Sorry - messed it up. The proposed patch now only works if there is *no* '::' in the address. Uploading a fixed one.

Comment 5 Patrick M. Hausen 2021-03-09 10:47:20 UTC

Created attachment 223114 [details]
Fixed patch to /usr/sbin/local-unbound-setup

Comment 6 commit-hook freebsd_committer

2021-03-10 15:54:31 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=e5f02c140bf1e519a95bd6331382e8a2a1b6219f

commit e5f02c140bf1e519a95bd6331382e8a2a1b6219f
Author:     Dag-Erling SmÃ¸rgrav <des@FreeBSD.org>
AuthorDate: 2021-03-10 14:01:38 +0000
Commit:     Dag-Erling SmÃ¸rgrav <des@FreeBSD.org>
CommitDate: 2021-03-10 15:53:22 +0000

    Fix local-unbound setup for some IPv6 deployments.

    PR:             250984
    MFC after:      1 week

 usr.sbin/unbound/setup/local-unbound-setup.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comment 7 commit-hook freebsd_committer

2021-03-24 00:54:56 UTC

A commit in branch stable/13 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=34e12e9a177a1d2386a855eb5a497f6f8a680180

commit 34e12e9a177a1d2386a855eb5a497f6f8a680180
Author:     Dag-Erling SmÃ¸rgrav <des@FreeBSD.org>
AuthorDate: 2021-03-10 14:01:38 +0000
Commit:     Glen Barber <gjb@FreeBSD.org>
CommitDate: 2021-03-24 00:53:35 +0000

    MFC: Fix local-unbound setup for some IPv6 deployments.

    On behalf of:   des
    PR:             250984

    (cherry picked from commit e5f02c140bf1e519a95bd6331382e8a2a1b6219f)

 usr.sbin/unbound/setup/local-unbound-setup.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comment 8 commit-hook freebsd_committer

2021-03-24 01:50:06 UTC

A commit in branch releng/13.0 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=e011488bae5ae688a839e77b77e15f2231a5c148

commit e011488bae5ae688a839e77b77e15f2231a5c148
Author:     Dag-Erling SmÃ¸rgrav <des@FreeBSD.org>
AuthorDate: 2021-03-10 14:01:38 +0000
Commit:     Glen Barber <gjb@FreeBSD.org>
CommitDate: 2021-03-24 01:47:57 +0000

    MFC: Fix local-unbound setup for some IPv6 deployments.

    On behalf of:   des
    PR:             250984
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Approved by:    re (cperciva)

    (cherry picked from commit e5f02c140bf1e519a95bd6331382e8a2a1b6219f)
    (cherry picked from commit 34e12e9a177a1d2386a855eb5a497f6f8a680180)

 usr.sbin/unbound/setup/local-unbound-setup.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comment 9 Kubilay Kocak freebsd_committer

2021-07-17 04:41:06 UTC

^Triage: Tracker merges so far. Does this still need to go to stable/12?

Comment 10 punkt.de Hosting Team 2021-07-19 18:27:12 UTC

This bug breaks production, so we would really appreciate an MFC to RELENG_12. Currently we are manually patching the script for each new server.

Comment 11 commit-hook freebsd_committer

2021-07-20 14:51:16 UTC

A commit in branch stable/12 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=c7fa58420aa2b9e0d172717f7affe3fa2d11d15a

commit c7fa58420aa2b9e0d172717f7affe3fa2d11d15a
Author:     Dag-Erling Smørgrav <des@FreeBSD.org>
AuthorDate: 2021-03-10 14:01:38 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2021-07-20 13:15:21 +0000

    Fix local-unbound setup for some IPv6 deployments.

    PR:             250984
    MFC after:      1 week

 usr.sbin/unbound/setup/local-unbound-setup.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comment 12 Dag-Erling Smørgrav freebsd_committer

2021-10-19 21:57:05 UTC

Wolfgang, can you confirm that this can be closed?

Comment 13 wolfgang 2021-10-20 11:55:50 UTC

I just checked, the problem is fixed in 13.0-RELEASE-p4 and 12.2-STABLE, it is not fixed in 12.2-RELEASE-p10. Probably not a big deal, as the EOL for 12.2 is only some 4 months away.

Comment 14 Dag-Erling Smørgrav freebsd_committer

2021-10-22 09:09:50 UTC

12.3 will have the fix and is expected in early December.  I think we can close this.