X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Funbound%2Ftemplates%2Funbound.conf.erb;h=e72514a07d0669930c640cc6247599b7e8bb2791;hb=63519a744307c2b8b063fb51002f48326a162d9a;hp=a8001903e6f558f99a54b2ac5f84886a453029fb;hpb=146cc9cdb25153a49c3923710ca598bd939328b4;p=mirror%2Fdsa-puppet.git

diff --git a/modules/unbound/templates/unbound.conf.erb b/modules/unbound/templates/unbound.conf.erb
index a8001903e..e72514a07 100644
--- a/modules/unbound/templates/unbound.conf.erb
+++ b/modules/unbound/templates/unbound.conf.erb
@@ -43,6 +43,7 @@ server:
 	# auto-trust-anchor-file: ""
 	auto-trust-anchor-file: "/var/lib/unbound/root.key"
 	auto-trust-anchor-file: "/var/lib/unbound/debian.org.key"
+	auto-trust-anchor-file: "/var/lib/unbound/29.172.in-addr.arpa.key"
 
 # recursive: <%= @is_recursor ? "y" : "n" %>
 <% if not @is_recursor -%>
@@ -51,9 +52,14 @@ forward-zone:
 <% @ns.to_a.flatten.each do |nms| -%>
 	forward-addr: <%= nms %>
 <% end -%>
+<% if @lsbmajdistrelease >= '7' -%>
+	forward-first: yes
+<% end -%>
+
 # XXX : we probably ought to forward 172.29 reverse queries to our nameserver
 # if our forwarders are not ours.
 <% else -%>
+local-zone: "29.172.in-addr.arpa" nodefault
 forward-zone:
 	name: "29.172.in-addr.arpa"
 	forward-host: ns1.debian.org
@@ -61,6 +67,3 @@ forward-zone:
 	forward-host: ns3.debian.org
 	forward-host: ns4.debian.com
 <% end -%>
-<% if hostname == "zappa" -%>
-edns-buffer-size: 512
-<% end -%>