Sudden issue with .org DNS lookups using DNS Resolver
-
I have had an issue for the last few days where .org domains, like wikipedia.org, root-servers.org or cohs.org, are not able to be looked up successfully by unbound when using DNS Resolver. If I use forwarding to 1.1.1.1, dns lookups are fine. This happens whether or not pfBlockerNG is enabled. Any ideas?
-
Time to share what's happing.
(with no info nobody can tell you why / what )dig +trace wikipedia.org
or
drill -T wikipedia.org -
^ That, and also check your DNS Resolver logs
-
dig +trace wikipedia.org
; <<>> DiG 9.10.6 <<>> +trace wikipedia.org ;; global options: +cmd ;; Received 17 bytes from 192.168.0.1#53(192.168.0.1) in 0 ms
-
@drewsaur said in Sudden issue with .org DNS lookups using DNS Resolver:
dig +trace wikipedia.org
; <<>> DiG 9.10.6 <<>> +trace wikipedia.org ;; global options: +cmd ;; Received 17 bytes from 192.168.0.1#53(192.168.0.1) in 0 ms
Saw that one.
Was asking for a +trface during a "dig" and the only thing I got back was ...Received 17 bytes from .....
I had to reboot pfSEnse to make it (using dig +trace .... ) work again. I don't know why ....
Doing a dig without the option +trace works just fine.
The suggested drill command also. -
I want to update the thread here to share that I no longer seem to be having this issue, so that is why I have not posted more diagnostic results. I do believe that my ISP (Spectrum) was messing around with blocking access to certain root DNS servers for a few days. I will report back if anything reverts.
-
@Gertjan Having this issue again; can't resolve.org domains:
; <<>> DiG 9.10.6 <<>> wikipedia.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 30520
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;wikipedia.org. IN A;; Query time: 7 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sat May 30 07:00:10 EDT 2020
;; MSG SIZE rcvd: 42