misc/60339: unbound=YES in rc.conf should be enough to get a recursive resolver

To: misc-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: misc/60339: unbound=YES in rc.conf should be enough to get a recursive resolver
From: "campbell+netbsd%mumble.net@localhost via gnats" <gnats-admin%NetBSD.org@localhost>
Date: Thu, 18 Jun 2026 17:45:00 +0000 (UTC)

>Number:         60339
>Category:       misc
>Synopsis:       unbound=YES in rc.conf should be enough to get a recursive resolver
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    misc-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jun 18 17:45:00 +0000 2026
>Originator:     Taylor R Campbell
>Release:        current, 11, 10, 9, ...
>Organization:
The NetBSD Unboundation, Inc.
>Environment:
>Description:

	It is silly that we ship Unbound but don't make it work out of
	the box as a working recursive resolver by default.  The whole
	point of shipping it is to have a working recursive resolver,
	not to provide users with toys to configure for entertainment.

>How-To-Repeat:

	set `unbound=YES' in /etc/rc.conf and `nameserver 127.0.0.1' in
	/etc/resolv.conf and try to resolve names

>Fix:

	1. fill /etc/unbound.conf with something reasonable including a
	   control-interface (local) socket

	2. provide default root trust anchors that will be maintained
	   with auto-trust-anchor-key

Prev by Date: Re: kern/60323: IPv6 NDP issue since upgrade to 11.0_RC4
Previous by Thread: bin/60338: The log priority after a newline in log(9) is forced to LOG_KERN | LOG_NOTICE
Indexes:

Home | Main Index | Thread Index | Old Index