1
General Discussion / Re: Unbound help delegating a zone
« on: January 28, 2024, 11:59:08 am »
Nevermind, there is a dedicated UI page for query forwarding that works like a charm for my use...
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
server:
forward-zone:
name: "parents.lan"
forward-addr: 192.168.1.90
I also tried with .parents.lan. parents.lan. .parents.lan and even lan. with no luck (starting with a dot makes unbound refuse to start...)auto lo
iface lo inet loopback
auto enp1s0
iface enp1s0 inet manual
mtu 9000
#eth0
auto enp2s0
iface enp2s0 inet manual
mtu 9000
#eth1
auto enp3s0
iface enp3s0 inet manual
mtu 9000
#eth2
auto enp4s0
iface enp4s0 inet manual
mtu 9000
#eth3
auto enp5s0
iface enp5s0 inet manual
mtu 9000
#eth4
auto enp6s0
iface enp6s0 inet manual
mtu 9000
#eth5
iface enx00e04c534458 inet manual
auto bond1
iface bond1 inet manual
bond-slaves enp5s0 enp6s0
bond-miimon 100
bond-mode balance-xor
bond-xmit-hash-policy layer3+4
mtu 9000
#LAGG_WAN
auto bond0
iface bond0 inet manual
bond-slaves enp1s0 enp2s0 enp3s0 enp4s0
bond-miimon 100
bond-mode balance-xor
bond-xmit-hash-policy layer3+4
mtu 9000
#LAGG_Switch
auto vmbr1000
iface vmbr1000 inet manual
bridge-ports bond0
bridge-stp on
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 1-4094
mtu 9000
#Bridge All VLANs to SWITCH
auto vmbr2000
iface vmbr2000 inet manual
bridge-ports bond1
bridge-stp on
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 1-4094
mtu 9000
#Bidge WAN
auto vmbr1000.10
iface vmbr1000.10 inet manual
mtu 9000
#VMs
auto vmbr1000.99
iface vmbr1000.99 inet manual
mtu 9000
#VMs
auto vmbr10
iface vmbr10 inet static
address 10.0.10.9/24
gateway 10.0.10.1
bridge-ports vmbr1000.10
bridge-stp off
bridge-fd 0
post-up ip rule add from 10.0.10.0/24 table 10Server prio 1
post-up ip route add default via 10.0.10.1 dev vmbr10 table 10Server
post-up ip route add 10.0.10.0/24 dev vmbr10 table 10Server
mtu 9000
auto vmbr99
iface vmbr99 inet static
address 10.0.99.9/24
gateway 10.0.99.1
bridge-ports vmbr1000.99
bridge-stp off
bridge-fd 0
post-up ip rule add from 10.0.99.0/24 table 99Test prio 1
post-up ip route add default via 10.0.99.1 dev vmbr99 table 99Test
post-up ip route add 10.0.99.0/24 dev vmbr99 table 99Test
mtu 9000
root@pve:~ # cat /etc/iproute2/rt_tables.d/200_10Server.conf
200 10Server
root@pve:~ # cat /etc/iproute2/rt_tables.d/204_99Test.conf
204 99Test
root@pve:~ #
time="05-07-2023 02:23:38" level=error msg="error while performing request: tls: failed to verify certificate: x509: certificate signed by unknown authority; 4 retries left"
opening devname netmap:vtnet0/R failed: Invalid argument
And the service stops.main$ifconfig pfsync0
pfsync0: flags=41<UP,RUNNING> metric 0 mtu 9000
pfsync: syncdev: vtnet1_vlan9 syncpeer: 10.0.9.3 maxupd: 128 defer: off
syncok: 1
groups: pfsync carp
backup$ifconfig pfsync0
pfsync0: flags=41<UP,RUNNING> metric 0 mtu 9000
pfsync: syncdev: vtnet1_vlan9 syncpeer: 10.0.9.2 maxupd: 128 defer: off
syncok: 1
groups: pfsync carp
change the wireguard implementation from go to kmod:
ssh into the shell:Code: [Select]pkg install wireguard-kmod