From nobody Sat May 13 16:23:30 2023
X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QJWCZ1vwVz4BX2D
	for <freebsd-questions@mlmmj.nyi.freebsd.org>; Sat, 13 May 2023 16:23:38 +0000 (UTC)
	(envelope-from freebsd-questions-3@voidcaptain.com)
Received: from mx3.mx00.net (mx3.mx00.net [IPv6:2600:3c01::f03c:91ff:fe89:a3f5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature ECDSA (P-256) client-digest SHA256)
	(Client CN "mx3.mx00.net", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4QJWCY4M9Pz4QSk
	for <freebsd-questions@freebsd.org>; Sat, 13 May 2023 16:23:37 +0000 (UTC)
	(envelope-from freebsd-questions-3@voidcaptain.com)
Authentication-Results: mx1.freebsd.org;
	none
Received: from razz.mx00.net [2600:3c01::f03c:91ff:fed5:a231]
	by mx3.mx00.net with ESMTP id 20230329-1pxs1r-0007sx-02;
	Sat, 13 May 2023 16:23:32 +0000
Message-ID: <4d7fe7b8-bbd5-e10d-41ee-2b6d46ddb39a@slagle.net>
Date: Sat, 13 May 2023 09:23:30 -0700
List-Id: User questions <freebsd-questions.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-questions
List-Help: <mailto:questions+help@freebsd.org>
List-Post: <mailto:questions@freebsd.org>
List-Subscribe: <mailto:questions+subscribe@freebsd.org>
List-Unsubscribe: <mailto:questions+unsubscribe@freebsd.org>
Sender: owner-freebsd-questions@freebsd.org
X-BeenThere: freebsd-questions@freebsd.org
MIME-Version: 1.0
Subject: Re: unbound
Content-Language: en-US
To: FreeBSD Questions <freebsd-questions@freebsd.org>
References: <20230513053351.6e101f66@dismail.de>
Cc: LuMiWa <lumiwa@dismail.de>
From: freebsd-questions-3@voidcaptain.com
In-Reply-To: <20230513053351.6e101f66@dismail.de>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Rspamd-Queue-Id: 4QJWCY4M9Pz4QSk
X-Spamd-Bar: ----
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:63949, ipnet:2600:3c01::/32, country:SG]
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-ThisMailContainsUnwantedMimeParts: N

LuMiWa wrote on 5/13/23 02:33:
> Hi!
> 
> I am using unbound from ports on FreeBSD 13.2 Release for DNS over TLS.
> In unbound.conf I have:
> forward-zone:
>     name: "."
>     forward-tls-upstream: yes
>     forward-addr: 9.9.9.9@853#dns.quad9.net
>     forward-addr: 149.112.112.112@853#dns.quad9.net
> 
> It worked years without problem but this weeks stopped. I remowed
> forward-tls... and port 853 and it works again but it is not the same.
> 
> Thank you.


There seems to be a bug in unbound's forwarding that appears when ASLR 
is enabled, as it recently was by default during the 13.2-RELEASE upgrade.

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270912

https://github.com/NLnetLabs/unbound/issues/887