Derrick Shields
2014-09-24 17:17:58 UTC
Synopsis: having issues where unbound stops responding properly to lookups (doesn't report error, just gives bad info) until I restart it.
Background:
I recently upgraded pfsense to 2.1 and switched to Unbound for the DNS resolver because I needed to do resolving directly instead of forwarding due to mail RBL service query overloading. Had no problem getting Unbound to work initially, but after a day I started getting a lot of malformed MX record lookups on my mail server and when I queried the records I was seeing a lot of null mx records, but doing a lookup on an external DNS service showed normal MX records. I disabled DNSSEC thinking it was related to that and the problem *seemed* to go away. However today the same problem started happening again and restarting the Unbound service has resolved. When the problem happens, Unbound reports bad info for the lookup... below is a lookup for navyfederal.org MX and notice is returns a null MX
I'm not seeing anything obvious in the Unbound logs, so any help how to troubleshoot this is greatly appreciated.
Background:
I recently upgraded pfsense to 2.1 and switched to Unbound for the DNS resolver because I needed to do resolving directly instead of forwarding due to mail RBL service query overloading. Had no problem getting Unbound to work initially, but after a day I started getting a lot of malformed MX record lookups on my mail server and when I queried the records I was seeing a lot of null mx records, but doing a lookup on an external DNS service showed normal MX records. I disabled DNSSEC thinking it was related to that and the problem *seemed* to go away. However today the same problem started happening again and restarting the Unbound service has resolved. When the problem happens, Unbound reports bad info for the lookup... below is a lookup for navyfederal.org MX and notice is returns a null MX
I'm not seeing anything obvious in the Unbound logs, so any help how to troubleshoot this is greatly appreciated.