Bugzilla – Bug 184
unbound-host resolving without access to the ROOT servers
Last modified: 2008-06-02 15:14:56 CEST
In an unconfigured fresh unbound installation, the unbound-host helper "hangs" when used in an intranet that has no direct connection to the ROOT name servers.
The reason is that it tries to start resolving by itself, by accessing the hinted ROOT name servers directly.
In contrast, the BIND9 'host' command uses the name server from /etc/resolv.conf instead, and as long as that is a forwarder with internet access, resolution works fine.
PS: I cannot report this against unbound-1.0.0 because bugzilla only knows 0.x
The choice was made to contact the roots, because for many people the resolv.conf points to somewhere out-of-control (and the ISP does not support DNSSEC on their cache). So that DNSSEC validation will work easily.
In svn trunk r1104 you can find unbound-host with a -r option to read resolv.conf. You can use this if you cannot reach the root servers directly.