On 2023-05-14, Joel Carnat <j...@carnat.net> wrote:
> I have unbound listening on lo0 (127.0.0.1, rdomain0) and resolv.conf configured with "nameserver 127.0.0.1".

You can also have unbound(8) listen on lo1. Without more information (for example, showing what pf.conf(5) contains), there is no way we can help you. I have two rdomain(4)s, and I have no issue pinging both lo(4) interfaces (both interfaces have the IPv6 and IPv4 loopback addresses assigned to them):

router$ ping6 -nc1 ::1
PING ::1 (::1): 56 data bytes
64 bytes from ::1: icmp_seq=0 hlim=64 time=0.056 ms

--- ::1 ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.056/0.056/0.056/0.000 ms
router$ ping -nc1 127.0.0.1
PING 127.0.0.1 (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=255 time=0.054 ms

--- 127.0.0.1 ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.054/0.054/0.054/0.000 ms
router$ ping6 -V1 -nc1 ::1
PING ::1 (::1): 56 data bytes
64 bytes from ::1: icmp_seq=0 hlim=64 time=0.048 ms

--- ::1 ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.048/0.048/0.048/0.000 ms
router$ ping -V1 -nc1 127.0.0.1
PING 127.0.0.1 (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=255 time=0.043 ms

--- 127.0.0.1 ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.043/0.043/0.043/0.000 ms

> Is it possible to access lo0 from other rdomains?

There shouldn't be anything you have to do to access the loopback interface within its own rdomain; however, if you want to access an interface that is part of a separate rdomain, you will likely need to instruct pf to use a separate rtable(4).