Trying to find out why my unbound will not resolve www.startpuntgeldzaken.nl

Gerben Wierda gerben.wierda at rna.nl
Wed May 5 20:15:18 UTC 2021 

What I see is this (reliably)

When asking 8.8.8.8 or 9.9.9.9 directly, the name is resolved.

But when unbound forwards to 8.8.8.8 or 9.9.9.9, it fails. 

hermione:~ gerben$ nslookup
> server 8.8.8.8
Default server: 8.8.8.8
Address: 8.8.8.8#53
> www.startpuntgeldzaken.nl
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:
www.startpuntgeldzaken.nl	canonical name = nibud.truepeople.space.
nibud.truepeople.space	canonical name = tp-nibud-01.truepeople.space.
Name:	tp-nibud-01.truepeople.space
Address: 84.22.99.176
> server 9.9.9.9
Default server: 9.9.9.9
Address: 9.9.9.9#53
> www.startpuntgeldzaken.nl
Server:		9.9.9.9
Address:	9.9.9.9#53

Non-authoritative answer:
www.startpuntgeldzaken.nl	canonical name = nibud.truepeople.space.
nibud.truepeople.space	canonical name = tp-nibud-01.truepeople.space.
Name:	tp-nibud-01.truepeople.space
Address: 84.22.99.176
> server 192.168.2.86
Default server: 192.168.2.86
Address: 192.168.2.86#53
> www.startpuntgeldzaken.nl
;; connection timed out; no servers could be reached

In other words: I can realiable ask 9.9.9.9 for www.startpuntgeldzaken.nl but I cannot get unbound to get that same info via a forward. See:

$ unbound-control lookup www.startpuntgeldzaken.nl
The following name servers are used for lookup of www.startpuntgeldzaken.nl.
forwarding request:
Delegation with 0 names, of which 0 can be examined to query further addresses.
It provides 2 IP addresses.
9.9.9.9         	rto 103 msec, ttl 299, ping 35 var 17 rtt 103, tA 0, tAAAA 0, tother 0, EDNS 0 probed.
149.112.112.112 	rto 92 msec, ttl 293, ping 28 var 16 rtt 92, tA 0, tAAAA 0, tother 0, EDNS 0 probed.

and

$ dig @9.9.9.9 www.startpuntgeldzaken.nl; dig @192.168.2.86 www.startpuntgeldzaken.nl

; <<>> DiG 9.10.6 <<>> @9.9.9.9 www.startpuntgeldzaken.nl
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62765
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;www.startpuntgeldzaken.nl.	IN	A

;; ANSWER SECTION:
www.startpuntgeldzaken.nl. 60	IN	CNAME	nibud.truepeople.space.
nibud.truepeople.space.	300	IN	CNAME	tp-nibud-01.truepeople.space.
tp-nibud-01.truepeople.space. 300 IN	A	84.22.99.176

;; Query time: 36 msec
;; SERVER: 9.9.9.9#53(9.9.9.9)
;; WHEN: Wed May 05 22:11:32 CEST 2021
;; MSG SIZE  rcvd: 132


; <<>> DiG 9.10.6 <<>> @192.168.2.86 www.startpuntgeldzaken.nl
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

It is that reliable difference between asking 9.9.9.9 (or 8.8.8.8, or 1.1.1.1) directly and doing the same via unbound that forwards that bothersd me. Direct always succeeds. Forward always fails.

Gerben Wierda (LinkedIn <https://www.linkedin.com/in/gerbenwierda>)
R&A Enterprise Architecture <https://ea.rna.nl/> (main site)
Book: Chess and the Art of Enterprise Architecture <https://ea.rna.nl/the-book/>
Book: Mastering ArchiMate <https://ea.rna.nl/the-book-edition-iii/>

> On 5 May 2021, at 21:33, Olivier Benghozi via Unbound-users <unbound-users at lists.nlnetlabs.nl> wrote:
> 
> Seems to me that this domain has some transient issues, independent of Unbound:
> 
> 
> 
> % dig www.startpuntgeldzaken.nl <http://www.startpuntgeldzaken.nl/> @9.9.9.9
> 
> ; <<>> DiG 9.10.6 <<>> www.startpuntgeldzaken.nl <http://www.startpuntgeldzaken.nl/> @9.9.9.9
> ;; global options: +cmd
> ;; connection timed out; no servers could be reached
> 
> 
> 
> % dig www.startpuntgeldzaken.nl <http://www.startpuntgeldzaken.nl/> @8.8.8.8
> 
> ; <<>> DiG 9.10.6 <<>> www.startpuntgeldzaken.nl <http://www.startpuntgeldzaken.nl/> @8.8.8.8
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 47521
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 512
> ;; QUESTION SECTION:
> ;www.startpuntgeldzaken.nl <http://www.startpuntgeldzaken.nl/>.	IN	A
> 
> ;; Query time: 61 msec
> ;; SERVER: 8.8.8.8#53(8.8.8.8)
> ;; WHEN: Wed May 05 21:29:40 CEST 2021
> ;; MSG SIZE  rcvd: 54
> 
> 
> 
>> Le 5 mai 2021 à 19:03, Gerben Wierda via Unbound-users <unbound-users at lists.nlnetlabs.nl <mailto:unbound-users at lists.nlnetlabs.nl>> a écrit :
>> 
>> My unbound 1.12.0 will not resolve www.startpuntgeldzaken.nl <http://www.startpuntgeldzaken.nl/> but it does resolve most other domains without a problem
>> 
>> May 05 16:54:50 unbound-default[40069:0] info: resolving www.startpuntgeldzaken.nl <http://www.startpuntgeldzaken.nl/>. A IN
>> May 05 16:54:50 unbound-default[40069:0] info: processQueryTargets: www.startpuntgeldzaken.nl <http://www.startpuntgeldzaken.nl/>. A IN
>> May 05 16:54:50 unbound-default[40069:0] info: sending query: www.startpuntgeldzaken.nl <http://www.startpuntgeldzaken.nl/>. A IN
>> May 05 16:54:50 unbound-default[40069:0] debug: sending to target: <.> 9.9.9.9#53
>> May 05 16:54:50 unbound-default[40069:0] debug: cache memory msg=297432 rrset=298522 infra=30866 val=296000
>> May 05 16:54:53 unbound-default[40069:0] debug: tcp error for address 9.9.9.9 port 53
>> May 05 16:54:53 unbound-default[40069:0] debug: iterator[module 1] operate: extstate:module_wait_reply event:module_event_noreply
>> May 05 16:54:53 unbound-default[40069:0] info: iterator operate: query www.startpuntgeldzaken.nl <http://www.startpuntgeldzaken.nl/>. A IN
>> May 05 16:54:53 unbound-default[40069:0] info: processQueryTargets: www.startpuntgeldzaken.nl <http://www.startpuntgeldzaken.nl/>. A IN
>> May 05 16:54:53 unbound-default[40069:0] info: sending query: www.startpuntgeldzaken.nl <http://www.startpuntgeldzaken.nl/>. A IN
>> May 05 16:54:53 unbound-default[40069:0] debug: sending to target: <.> 149.112.112.112#53
>> May 05 16:54:53 unbound-default[40069:0] debug: cache memory msg=297432 rrset=298522 infra=30866 val=296000
>> May 05 16:54:55 unbound-default[40069:0] info: 192.168.2.66 www.startpuntgeldzaken.nl <http://www.startpuntgeldzaken.nl/>. A IN
>> May 05 16:54:55 unbound-default[40069:0] debug: cache memory msg=297432 rrset=298522 infra=30866 val=296000
>> 
>> The problem seems to be tcp error, but I have no clue what causes that error. I could use some help in hunting this down.
>> 
>> Note, asking the forwarder directly resolves without problem. So it is the communication between my unbound and the other resolver.
>> 
>> Gerben Wierda (LinkedIn <https://www.linkedin.com/in/gerbenwierda>)
>> R&A Enterprise Architecture <https://ea.rna.nl/> (main site)
>> Book: Chess and the Art of Enterprise Architecture <https://ea.rna.nl/the-book/>
>> Book: Mastering ArchiMate <https://ea.rna.nl/the-book-edition-iii/>
>> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20210505/7189a954/attachment-0001.htm>

More information about the Unbound-users mailing list