FreeBSD's bundled unbound answers SERVFAIL
Wolfgang Zenker
zenker at punkt.de
Thu Feb 20 13:54:02 UTC 2020
Hello,
a few things we learned in the last couple of days:
- the actual "live time" for these SERVFAIL answers is somewhere
between 12 and 30 minutes, probably 15 minutes. After that unbound
"magically" works again.
- "unbound-control flush ." fixes it most of the times, but not always.
Sometimes only stopping and starting unbound restores operation
immediately.
- we forward requests to a Bind nameserver via IPv6. Restarting that
nameserver or flushing its cache does not result in unbound working
again.
- dumping the unbound cache during failure works and the result looks
like a normal cache dump, frequently holding the entries that we just
looked for but got SERVFAIL (and will get SERVFAIL again when asking
for them during the "failure livetime").
Any ideas, known problems, etc?
Regards,
Wolfgang Zenker
--
punkt.de GmbH Tel. +49 721 9109-500 Fax: -100
.infrastructure info at punkt.de https://infrastructure.punkt.de/
Kaiserallee 13a CEO: Jürgen Egeling, Daniel Lienert, Fabian Stein
D-76133 Karlsruhe AG Mannheim HRB 108285
More information about the Unbound-users
mailing list