resolving result is flapping

Mon Oct 3 21:33:31 UTC 2022

Hello,

unbound tries to resolv 60.67.194.188.in-addr.arpa/PTR.
Even on an empty cache, I see two different answers:

1. the wrong:

;; QUESTION SECTION:
;; 60.67.194.188.in-addr.arpa.          IN      PTR

;; AUTHORITY SECTION:
194.188.in-addr.arpa.   3497    IN      SOA     ns01.registrar.kabel-deutschland.de. dns-admin.kabeldeutschland.de. 2014082103 10800 7200 604800 86400

2. the right:
;; QUESTION SECTION:
;; 60.67.194.188.in-addr.arpa.          IN      PTR

;; ANSWER SECTION:
60.67.194.188.in-addr.arpa.     86400   IN      PTR     ipbcc2433c.dynamic.kabel-deutschland.de.

I build Unbound from source.

# unbound -V
Version 1.16.3

Configure line: --disable-flto --disable-dnscrypt --enable-pie --enable-relro-now --disable-shared --enable-static --enable-sha1 --enable-subnet --enable-event-api --enable-tfo-client --enable-tfo-server --enable-dnstap --enable-linux-ip-local-port-range --with-pthreads --without-pyunbound --with-pythonmodule --with-libevent --with-libnghttp2
Linked libs: libev 4.33 (it uses epoll), OpenSSL 3.0.5 5 Jul 2022
Linked modules: dns64 python subnetcache respip validator iterator
TCP Fastopen feature available

... and use this minimal config for testing:

# cat /tmp/unbound.conf
server:
  chroot: ""
  do-daemonize: no
  logfile: ""
  log-replies: yes
  pidfile: ""

in one terminal I start unbound:
# env - /usr/local/sbin/unbound -c /tmp/unbound.conf
[1664832020] unbound[38:0] notice: init module 0: subnetcache
[1664832020] unbound[38:0] notice: init module 1: validator
[1664832020] unbound[38:0] notice: init module 2: iterator
[1664832020] unbound[38:0] info: start of service (unbound 1.16.3).

in a second terminal I do the first query to the new unbound process (with empty cache)
# dig @127.0.0.1 -x 188.194.67.60

The nameserver hosting 194.188.in-addr.arpa. are not fully EDNS compliant: https://ednscomp.isc.org/ednscomp/13b0b744f8
May this be the reason? Is there anything I could configure to avoid the random NXDOMAIN ?

Andreas