unbound/nsd returning SERVFAIL resolving local LAN DNS. nsd alone works fine

Solution 1:

This line from the log indicates the problem:

Jun 15 06:12:39 pizza.yoderdev.com unbound[1947]: [1947:0] debug: skip addr on the donotquery list ip4 127.0.0.1 port 53530 (len 1

Unbound by default refuses to send any DNS queries to localhost. To enable it to query localhost, set the do-not-query-localhost option to no in the server section of the Unbound configuration:

server:
  interface: 127.0.0.1
  interface: 192.168.1.50
  [...]
  do-not-query-localhost: no

See the documentation for unbound.conf for a description of the option.

Solution 2:

I ran into the same problem in a split-horizon DNS context: the Unbound log indicated that an "incoming scrubbed packet" (obtained from NSD) contained the IP address/CNAME entry in question, but after "finishing processing", the latter would not be passed through.

Eventually, adding the equivalent of domain-insecure: "datanet.home" solved this for me using Unbound v1.12.0 and NSD v4.3.3.
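As an added check that is not part of either answer, the Python below reads an unbound.conf fragment and reports the two SERVFAIL causes described in Solution 1 and Solution 2: a stub or forward upstream on loopback without do-not-query-localhost: no, and a private zone that is not listed in domain-insecure while a trust anchor enables DNSSEC validation. The sample configuration is constructed here; the zone name comes from Solution 2 and the port from the log line in Solution 1.

```python
from ipaddress import ip_address

# Constructed sample: a stub-zone hands a private zone to NSD on 127.0.0.1:53530 (the
# port from the log line above) while a DNSSEC trust anchor is also configured.
SAMPLE_CONF = """\
server:
  interface: 127.0.0.1
  interface: 192.168.1.50
  auto-trust-anchor-file: "/var/lib/unbound/root.key"
stub-zone:
  name: "datanet.home"
  stub-addr: 127.0.0.1@53530
"""

def parse_unbound_conf(text):
    """Return [(section, {key: [values]})]; '#' comments and quotes are stripped."""
    blocks = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        if not line[0].isspace() and line.endswith(":"):  # "server:", "stub-zone:"
            blocks.append((line[:-1].strip(), {}))
        elif not blocks:
            raise ValueError(f"option outside any section: {raw!r}")
        else:
            key, _, value = line.strip().partition(":")
            blocks[-1][1].setdefault(key.strip(), []).append(value.strip().strip('"'))
    return blocks

def find_servfail_causes(text):
    """One finding per misconfiguration; an empty list means both fixes are present."""
    blocks = parse_unbound_conf(text)
    server = next((opts for section, opts in blocks if section == "server"), {})
    queries_localhost = server.get("do-not-query-localhost", ["yes"])[-1].lower() == "no"
    validating = any(k in server for k in ("auto-trust-anchor-file", "trust-anchor-file", "trust-anchor"))
    insecure = {d.rstrip(".").lower() for d in server.get("domain-insecure", [])}
    findings = []
    for section, opts in blocks:
        if section not in ("stub-zone", "forward-zone"):
            continue
        name = opts.get("name", ["?"])[0].rstrip(".").lower()
        addrs = opts.get("stub-addr", []) + opts.get("forward-addr", [])  # IP or IP@port
        on_loopback = any(ip_address(a.split("@", 1)[0]).is_loopback for a in addrs)
        if on_loopback and not queries_localhost:
            findings.append(f"{section} {name}: upstream on loopback; set do-not-query-localhost: no")
        if validating and name not in insecure:
            findings.append(f"{section} {name}: trust anchor configured; add domain-insecure: \"{name}\"")
    return findings
```

Running find_servfail_causes(SAMPLE_CONF) reports both problems; adding the two lines from the answers to the server section makes it return an empty list.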