DNS Resolver flaky on .gov websites

pfBasic

DNS Resolver is intermittent with many .gov websites on my system.
https://aviationweather.gov/ for example. Sometimes it works, other it times out, then it will work again.

I turned on forwarding mode using 8.8.8.8 and it immediately works perfectly.

Derelict

$ dig +trace aviationweather.gov

; <<>> DiG 9.8.3-P1 <<>> +trace aviationweather.gov
;; global options: +cmd
. 518400 IN NS a.root-servers.net.
. 518400 IN NS b.root-servers.net.
. 518400 IN NS c.root-servers.net.
. 518400 IN NS d.root-servers.net.
. 518400 IN NS e.root-servers.net.
. 518400 IN NS f.root-servers.net.
. 518400 IN NS g.root-servers.net.
. 518400 IN NS h.root-servers.net.
. 518400 IN NS i.root-servers.net.
. 518400 IN NS j.root-servers.net.
. 518400 IN NS k.root-servers.net.
. 518400 IN NS l.root-servers.net.
. 518400 IN NS m.root-servers.net.
;; Received 228 bytes from 2600:dead:beef:5b01:208:a2ff:fe09:99ad#53(2600:dead:beef:5b01:208:a2ff:fe09:99ad) in 239 ms

gov. 172800 IN NS b.gov-servers.net.
gov. 172800 IN NS a.gov-servers.net.
;; Received 144 bytes from 193.0.14.129#53(193.0.14.129) in 171 ms

aviationweather.gov. 86400 IN NS ns-e.noaa.gov.
aviationweather.gov. 86400 IN NS ns-mw.noaa.gov.
aviationweather.gov. 86400 IN NS ns-nw.noaa.gov.
;; Received 233 bytes from 209.112.123.30#53(209.112.123.30) in 8329 ms

aviationweather.gov. 120 IN A 140.90.101.207
aviationweather.gov. 120 IN NS ns-mw.noaa.gov.
aviationweather.gov. 120 IN NS ns-e.noaa.gov.
aviationweather.gov. 120 IN NS ns-nw.noaa.gov.
;; Received 249 bytes from 140.172.17.237#53(140.172.17.237) in 90 ms

pfBasic

Is that saying that the problem is with aviaitonweather.gov's root servers, not my pfsense Resolver, and by using a forwarded I just get the info form google instead of the root servers so it works?

Derelict

Google must have managed to cache it. Yes, the DNS for that site is performing poorly. unbound might be giving up on it or something.

Seems OK now.