Irregular DNS lookup failures

Havard Eidnes he at
Thu Oct 28 06:33:25 UTC 2021

> Hello,
> We install unbound as a local caching DNS server on all our
> hosts. By doing this, we prevent our AD DNS servers from
> getting pounded by requests. It's been working well for the
> most part. But on one host, sometimes unbound will not resolve
> a cname for a host which exists in another domain. Often DNS
> lookups work, but infrequently they don't, just on this
> particular CNAME. I'm wondering why- can you give me any clues?
> I've added what I know, below. Let me know if I've missed
> anything. Thanks.

There is a possibility that what you experience doesn't really
have anything to do with unbound per se.  The error might as well
lie on the publication side of things.  E.g. are all the
publication servers for the zone in question supplying the same
answers to the given questions?

By you having obfuscated the logging output, there is however no
possibility for any of us to reproduce the problem.

There's also the possibility that you are operating with a "split
horizon" DNS setup on the publication side, so us knowing the
domain name in question wouldn't necessarily be of any help,
since the answer you get might depend on where the query is sent

So...  Not much we can do to help at the presen stage, I'm


- Håvard

More information about the Unbound-users mailing list