On 10/6/23 18:37, John Levine wrote:
> I run the FreeBSD package of unbound and it has no trouble even when I specifically set an edns0 option. What else might be odd about your setup?

One thing I see is that my host is dual-stack, I see now that I get SERVFAIL or a timeout if I ask for the AAAA record... The same query to 8.8.8.8 gives NOERROR with an empty answer (so -- no AAAA records).

If I watch DNS queries and responses with tcpdump while forcing a delivery attempt, I see dozens of AAAA queries with empty responses, e.g.:

1.2.3.4.35093 > 104.47.44.8.53: 48007% [1au] AAAA? ns2-gtm.glbdns.o365filtering.com. (61)
IP (tos 0x0, ttl 239, id 43501, offset 0, flags [DF], proto UDP (17), length 89)
    104.47.38.8.53 > 1.2.3.4.27494: 25886*- 0/0/1 (61)

This repeats many times.

On 10/7/23 01:11, Noel Butler via dns-operations wrote:
> Silly question I know, but you'd be surprised how many don't... Did you
> stop/start your mail server after this change on resolv.conf?

I hadn't but doing so does not help.

                Craig

dot 186 % dig ns2-gtm.glbdns.o365filtering.com. aaaa

; <<>> DiG 9.18.19 <<>> +nosearch ns2-gtm.glbdns.o365filtering.com. aaaa
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 58681
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;ns2-gtm.glbdns.o365filtering.com. IN   AAAA

;; Query time: 4879 msec
;; SERVER: 127.0.0.2#53(127.0.0.2) (UDP)
;; WHEN: Fri Oct 06 21:28:32 PDT 2023

dot 200 % cat /usr/local/etc/unbound/unbound.conf
server:
        directory: "/usr/local/etc/unbound"
        auto-trust-anchor-file: "root.key"
        interface: 127.0.0.2
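
The comparison described in the message above (SERVFAIL from the local resolver, NOERROR with an empty answer from 8.8.8.8) can be scripted as follows; this is an added example, not part of the original post. The function names are hypothetical, and the resolver addresses and query name are the ones quoted in the message.

```python
import secrets, socket, struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid, qtype=28, edns_udp=1232):
    """Encode a recursive AAAA (type 28) query; edns_udp=None omits EDNS0."""
    qname = b"".join(bytes([len(l)]) + l.encode("ascii")
                     for l in name.rstrip(".").split(".")) + b"\x00"
    arcount = 0 if edns_udp is None else 1
    msg = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, arcount)  # RD set
    msg += qname + struct.pack("!HH", qtype, 1)                  # class IN
    if edns_udp is not None:
        # OPT RR: root name, type 41, class = UDP payload size, ttl 0, rdlen 0
        msg += b"\x00" + struct.pack("!HHIH", 41, edns_udp, 0, 0)
    return msg

def classify(response, qid):
    """Return (rcode, verdict) from the 12-byte header of a raw DNS reply."""
    if len(response) < 12:
        return ("MALFORMED", "shorter than a DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if rid != qid or not flags & 0x8000:          # wrong ID or QR bit clear
        return ("MISMATCH", "not a response to this query")
    rcode = RCODES.get(flags & 0x000F, "RCODE%d" % (flags & 0x000F))
    if flags & 0x0200:
        return (rcode, "truncated (TC set): retry over TCP")
    if rcode == "NOERROR":
        return (rcode, "answer present" if ancount
                else "NODATA: name exists, no record of this type")
    return (rcode, "error response")

def ask(server, name, timeout=5.0):
    """Send the AAAA query over UDP to `server` and classify the reply."""
    qid = secrets.randbelow(65536)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, qid), (server, 53))
        try:
            return classify(s.recv(4096), qid)
        except socket.timeout:
            return ("TIMEOUT", "no reply within %.0fs" % timeout)

if __name__ == "__main__":
    # Resolver addresses and name as quoted in the message.
    for server in ("127.0.0.2", "8.8.8.8"):
        print(server, ask(server, "ns2-gtm.glbdns.o365filtering.com."))
```

With the default EDNS0 option the encoded query is 61 bytes, the same size tcpdump reports for the queries in the capture.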

_______________________________________________
dns-operations mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-operations