<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
</head>
<body dir="ltr">
<div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;font-family:Calibri,Helvetica,sans-serif;" dir="ltr">
<p>Hi folks,</p>
<p><br>
</p>
<p>We have a situation here with Unbound, during internet outage for an hour or so, Unbound keeps replying with server <span>servfail for valid domains even after it gain access to internet, to fix this, i have to reload or restart Unbound.</span></p>
<p><span>This happens every time we lose internet for more than 30 minutes or so.</span></p>
<p><span>Any way to fix this ?</span></p>
<p>Appreciate<span> your time.</span></p>
<p><span><br>
</span></p>
<p><span>OS: CentOS 7.3</span></p>
<p><span>Unbound: <span>Version 1.4.20</span></span></p>
<p><span><span><br>
</span></span></p>
<p><span><span>Config:</span></span></p>
<p><span><span><br>
</span></span></p>
<p><span><span></p>
<div>server:</div>
<div><br>
</div>
<div><span style="white-space:pre"></span>access-control: 0.0.0.0/0 deny</div>
<div><span style="white-space:pre"></span>access-control: x.x.x.x/x allow</div>
<div></div>
<div><span style="white-space:pre"></span></div>
<div><span style="white-space:pre"></span>verbosity: 1</div>
<div><span style="white-space:pre"></span>statistics-interval: 0</div>
<div><span style="white-space:pre"></span>statistics-cumulative: no</div>
<div><span style="white-space:pre"></span>extended-statistics: yes</div>
<div><span style="white-space:pre"></span>num-threads: 16</div>
<div><span style="white-space:pre"></span>interface: xx.xx.xx.xx</div>
<div><span style="white-space:pre"></span>interface: <span style="font-family: Calibri, Helvetica, sans-serif, EmojiFont, "Apple Color Emoji", "Segoe UI Emoji", NotoColorEmoji, "Segoe UI Symbol", "Android Emoji", EmojiSymbols; font-size: 16px;">xx.xx.xx.xx</span></div>
<div><span style="white-space:pre"></span>interface: <span style="font-family: Calibri, Helvetica, sans-serif, EmojiFont, "Apple Color Emoji", "Segoe UI Emoji", NotoColorEmoji, "Segoe UI Symbol", "Android Emoji", EmojiSymbols; font-size: 16px;">xx.xx.xx.xx</span></div>
<div><span style="white-space:pre"></span>interface: <span style="font-family: Calibri, Helvetica, sans-serif, EmojiFont, "Apple Color Emoji", "Segoe UI Emoji", NotoColorEmoji, "Segoe UI Symbol", "Android Emoji", EmojiSymbols; font-size: 16px;">xx.xx.xx.xx</span></div>
<div><span style="white-space:pre"></span>interface: 127.0.0.1</div>
<div><span style="white-space:pre"></span>interface-automatic: no</div>
<div><span style="white-space:pre"></span>port: 53</div>
<div><span style="white-space:pre"></span>outgoing-range: 8196</div>
<div><span style="white-space:pre"></span>num-queries-per-thread: 1600</div>
<div><span style="white-space:pre"></span>outgoing-num-tcp: 100</div>
<div><span style="white-space:pre"></span>incoming-num-tcp: 100</div>
<div><span style="white-space:pre"></span>so-rcvbuf: 8m</div>
<div><span style="white-space:pre"></span>so-sndbuf: 8m</div>
<div><span style="white-space:pre"></span>msg-cache-size: 2G</div>
<div><span style="white-space:pre"></span>rrset-cache-size: 4G</div>
<div><span style="white-space:pre"></span>msg-cache-slabs: 16</div>
<div><span style="white-space:pre"></span>rrset-cache-slabs: 16</div>
<div><span style="white-space:pre"></span>infra-cache-slabs: 16</div>
<div><span style="white-space:pre"></span>infra-cache-numhosts: 10000000</div>
<div><span style="white-space:pre"></span>do-ip4: yes</div>
<div><span style="white-space:pre"></span>do-ip6: yes</div>
<div><span style="white-space:pre"></span>do-udp: yes</div>
<div><span style="white-space:pre"></span>do-tcp: yes</div>
<div><span style="white-space:pre"></span>do-daemonize: yes</div>
<div><span style="white-space:pre"></span>chroot: ""</div>
<div><span style="white-space:pre"></span>username: "unbound"</div>
<div><span style="white-space:pre"></span>directory: "/etc/unbound"</div>
<div><span style="white-space:pre"></span>logfile: "/var/log/unbound.log"</div>
<div><span style="white-space:pre"></span>log-queries: no</div>
<div><span style="white-space:pre"></span>use-syslog: yes</div>
<div><span style="white-space:pre"></span>log-time-ascii: yes</div>
<div><span style="white-space:pre"></span>pidfile: "/var/run/unbound/unbound.pid"</div>
<div><span style="white-space:pre"></span>root-hints: "/etc/unbound/root.hints"</div>
<div><span style="white-space:pre"></span>hide-identity: yes</div>
<div><span style="white-space:pre"></span>hide-version: yes</div>
<div><span style="white-space:pre"></span>harden-glue: yes</div>
<div><span style="white-space:pre"></span>harden-dnssec-stripped: yes</div>
<div><span style="white-space:pre"></span>harden-below-nxdomain: yes</div>
<div><span style="white-space:pre"></span>harden-referral-path: yes</div>
<div><span style="white-space:pre"></span>use-caps-for-id: no</div>
<div><span style="white-space:pre"></span>unwanted-reply-threshold: 100000</div>
<div><span style="white-space:pre"></span>prefetch: yes</div>
<div><span style="white-space:pre"></span>prefetch-key: yes</div>
<div><span style="white-space:pre"></span>rrset-roundrobin: yes</div>
<div><span style="white-space:pre"></span>minimal-responses: yes</div>
<div><span style="white-space:pre"></span>trusted-keys-file: /etc/unbound/keys.d/*.key</div>
<div><span style="white-space:pre"></span>auto-trust-anchor-file: "/var/lib/unbound/root.key"</div>
<div><span style="white-space:pre"></span>val-log-level: 1</div>
<div><span style="white-space:pre"></span>key-cache-size: 1G</div>
<div><span style="white-space:pre"></span>key-cache-slabs: 16</div>
<div><span style="white-space:pre"></span>neg-cache-size: 1k</div>
<div><span style="white-space:pre"></span>include: /etc/unbound/local.d/*.conf</div>
<div># Remote control config section.</div>
<div>remote-control:</div>
<div><span style="white-space:pre"></span>control-enable: yes</div>
<div><span style="white-space:pre"></span># control-interface: 127.0.0.1</div>
<div><span style="white-space:pre"></span># control-port: 953</div>
<div><span style="white-space:pre"></span>server-key-file: "/etc/unbound/unbound_server.key"</div>
<div><span style="white-space:pre"></span>server-cert-file: "/etc/unbound/unbound_server.pem"</div>
<div><span style="white-space:pre"></span>control-key-file: "/etc/unbound/unbound_control.key"</div>
<div><span style="white-space:pre"></span>control-cert-file: "/etc/unbound/unbound_control.pem"</div>
<div># Stub and Forward zones</div>
<div>include: /etc/unbound/conf.d/*.conf</div>
<br>
</span></span>
<p></p>
<p></p>
<p><br>
</p>
<div id="Signature"><br>
<div class="ecxmoz-signature">-- <br>
<br>
<font color="#3366ff"><font color="#000000">Respectfully<b><br>
</b><b>Mahdi A. Mahdi</b></font></font><font color="#3366ff"><br>
<br>
</font><font color="#3366ff"></font></div>
</div>
</div>
</body>
</html>