Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
Unbound and OpenVPN, all is not all
« previous
next »
Print
Pages: [
1
]
Author
Topic: Unbound and OpenVPN, all is not all (Read 2805 times)
Taomyn
Sr. Member
Posts: 444
Karma: 20
Unbound and OpenVPN, all is not all
«
on:
March 19, 2019, 04:35:25 pm »
I did find something about this in the archived area, but as I'm seeing this with 19.1 I thought it better to start a new thread.
When using OpenVPN and Unbound, it seems for the Network Interfaces option "all" does not mean "all". If I choose "all" the devices on my OpenVPN subnet are refused DNS access. If I manually choose all the networks presented, which includes the OpenVPN subnet, it works. I can see the "internal" ACL entry for it appear and disappear between "all" and manually choosing them.
I know I can add it manually as well as a separate ACL, but that simply avoids the issue when it's obvious that Unbound can do this automatically. It even states in the help text "The default behavior is to respond to queries on every available IPv4 and IPv6 address." - which is plainly does not do.
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: Unbound and OpenVPN, all is not all
«
Reply #1 on:
March 20, 2019, 10:17:34 pm »
https://github.com/opnsense/core/issues/3342
Cheers,
Franco
Logged
Taomyn
Sr. Member
Posts: 444
Karma: 20
Re: Unbound and OpenVPN, all is not all
«
Reply #2 on:
March 21, 2019, 08:59:49 am »
Thanks Franco, I will apply the patch and report any issues
Quote from: franco on March 20, 2019, 10:17:34 pm
https://github.com/opnsense/core/issues/3342
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
Unbound and OpenVPN, all is not all