Maintained by: NLnet Labs

[Unbound-users] SERVFAIL on available servers

Dave Warren
Mon Mar 31 20:24:47 CEST 2014


I have a permanent VPN between a couple sites which is not entirely 
reliable, and unbound is configured with a stub zone pointing to name 
servers within 192.168/16 space.

The zone is defined in my unbound.conf as: example.com. IN stub noprime: 
192.168.182.1

After the VPN has been interrupted, I see SERVFAIL from unbound for all 
queries, despite the fact that the VPN is now available and I can query 
the DNS servers across the VPN directly. If I wait, it will resolve 
itself eventually. Restarting unbound resolves the problem immediately, 
so I think it's a case of unbound caching that the NS are unresponsive 
and not trying again.

How do I confirm the problem and/or what can I do to encourage unbound 
to try again? Or is there a way to tell unbound to always consider the 
NS responsible for this zone to be available?

-- 
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren