unbound returns SERVFAIL although forwarder works just fine
Paul Wouters
paul at nohats.ca
Tue Dec 22 19:18:07 UTC 2015
On Wed, 23 Dec 2015, martin f krafft via Unbound-users wrote:
> I am running unbound (1.5.7 on Debian unstable) on a laptop as
> a recursive resolver for localhost and a number of test VMs running
> on the machine. I am aware that others use dnsmasq for this, but
> I don't particularly like this monolithic do-everything tool and am
> rather familiar with unbound already.
>
> Unfortunately, I am experiencing problems at regular intervals. One
> such problem is that occasionally, unbound will be unable to resolve
> records, returning SERVFAIL:
>
> % host debian.org
> Host debian.org not found: 2(SERVFAIL)
>
> According to the log (full log below), unbound thinks that the
> forward server is failing:
>
> unbound: [1144:0] debug: configured forward servers failed -- returning SERVFAIL
>
> However, querying the configured forwarding server works just fine.
> unbound: [1144:0] debug: processQueryTargets: targetqueries 0, currentqueries 0 sentcount 0
> unbound: [1144:0] info: DelegationPoint<.>: 0 names (0 missing), 1 addrs (0 result, 1 avail) parentNS
> unbound: [1144:0] debug: ip4 192.168.1.1 port 53 (len 16)
> unbound: [1144:0] debug: attempt to get extra 3 targets
> unbound: [1144:0] debug: servselect ip4 192.168.1.1 port 53 (len 16)
> unbound: [1144:0] debug: rtt=120000
> unbound: [1144:0] debug: No more query targets, attempting last resort
> unbound: [1144:0] debug: configured forward servers failed -- returning SERVFAIL
> unbound: [1144:0] debug: store error response in message cache
Did your forwarder perhaps not answer (in time) ?
Maybe try setting cache-max-negative-ttl: to something like 5 seconds ?
Paul
More information about the Unbound-users
mailing list