Unbound returns incorrect results

Fri Apr 17 12:34:43 UTC 2020

Hi
My unbound returns incorrect results

Unboud returns .203 IP
suser at gong:~$ dig @1.204.196.202 www.mysite.net

; <<>> DiG 9.11.5-P4-5.1ubuntu2.1-Ubuntu <<>> @1.204.196.202 www.mysite.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2722
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.mysite.net.             IN      A

;; ANSWER SECTION:
www.mysite.net.      4275    IN      CNAME   mysite.net.
mysite.net.          5048    IN      A       1.204.196.203

But my authoritative DNS server returns:

suser at gong:~$ dig @1.204.196.130 www.mysite.net

; <<>> DiG 9.11.5-P4-5.1ubuntu2.1-Ubuntu <<>> @1.204.196.130 www.mysite.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58582
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 4

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.mysite.net.             IN      A

;; ANSWER SECTION:
www.mysite.net.      10800   IN      CNAME   mysite.net.
mysite.net.          10800   IN      A       1.2.25.159

;; AUTHORITY SECTION:
mysite.net.          10800   IN      NS      ns4.mysite.net.
mysite.net.          10800   IN      NS      ns1.mysite.net.
mysite.net.          10800   IN      NS      ns2.mysite.net.

;; ADDITIONAL SECTION:
ns1.mysite.net.      10800   IN      A       1.204.196.130
ns2.mysite.net.      10800   IN      A       1.2.25.199
ns4.mysite.net.      10800   IN      A       1.204.196.200

;; Query time: 0 msec
;; SERVER: 1.204.196.130#53(1.204.196.130)
;; WHEN: Птн апр 17 15:30:39 EEST 2020
;; MSG SIZE  rcvd: 178

and google returns correct records:

suser at gong:~$ dig @8.8.8.8 www.mysite.net

; <<>> DiG 9.11.5-P4-5.1ubuntu2.1-Ubuntu <<>> @8.8.8.8 www.mysite.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6220
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.mysite.net.             IN      A

;; ANSWER SECTION:
www.mysite.net.      1842    IN      CNAME   mysite.net.
mysite.net.          1842    IN      A       1.2.25.159

;; Query time: 46 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Птн апр 17 15:30:05 EEST 2020
;; MSG SIZE  rcvd: 76

This 1.204.196.203 was valid IP about half a year ago.
Can't find where it comes from.
This is new clean unbound setup installed two days ago.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20200417/726cb402/attachment.htm>