Unbound ipv6 problems anyone?

bimmerdriver

Yesterday, I noticed issues with ipv6 dns using dig and nslookup (windows 10). The problem went away but seems to be back. I updated to the latest snapshot, but it made no difference. I also tried adding an ACL, but that also made no difference. I've never added an ACL before.

I posted about it in the dns section: https://forum.pfsense.org/index.php?topic=132067.0

Is anyone experiencing this?

Guest

Current snapshot here - no issues.

bimmerdriver

I reinstalled pfsense 2.4 beta from scratch using the latest snapshot. Still having problems.

bimmerdriver

After flushing dns on the windows and linux clients, dig -6 doesn't return any results.

I have not changed any unbound settings, other than to register leases and static entries. I tried clearing them but it made no difference, even after restarting unbound.

johnpoz

How many threads you going to start on this issue?

See the other thread where looks like -6 is a windows issue with dig.
https://forum.pfsense.org/index.php?topic=132067.0

bimmerdriver

@johnpoz:

How many threads you going to start on this issue?

See the other thread where looks like -6 is a windows issue with dig.
https://forum.pfsense.org/index.php?topic=132067.0

I started one thread in DHCP and DNS and since the problem is only on my 2.4 beta system, I started another in here, in case anyone else using 2.4 beta has noticed it.

johnpoz

It is not an issue with 2.4 or unbound or pfsense at all.. I put in a bug report for the dig -6 this is the response I got

–--
We need to update the windows code that retrieves the list of name
server addresses from the system from GetNetworkParams to
GetAdaptersAddresses based on a little Googling.

GetNetworkParams only returns the IPv4 addresses.
GetAdaptersAddresses returns both IPv4 and IPv6 addresses
depending upon the calling arguments.

Populating resolv.conf with the nameserver address rather that
reading them from the system with GetNetworkParams/GetAdaptersAddresses
will let 'dig -6' work. This does have the obvious limitation that
the contents are likely to get out of date as the OS will not be
updating it.

'dig -6 @<servername>' works regardless of the method used to
populate the default server list.

e.g.
dig -6 @f.root-servers.net soa .
----</servername>

bimmerdriver

@johnpoz:

It is not an issue with 2.4 or unbound or pfsense at all.. I put in a bug report for the dig -6 this is the response I got

[deleted]

Thanks for the reply. I didn't have an opportunity to respond further to the other post today, but will try later.

johnpoz

I asked them for a timeline of a fix, got back

–
I don't know at this stage. Basically when time becomes available to rewrite that section of code.

heheh ;)

Guest

@johnpoz:

I asked them for a timeline of a fix, got back

–
I don't know at this stage. Basically when time becomes available to rewrite that section of code.

heheh ;)

Damn useful that…. not.

johnpoz

exactly ;)

But it doesn't seem to be a big bug - and its only windows related. Works fine on freebsd and linux.. And you can just use @ipv6ip to make query via ipv6.

their -6@ipv6fqdn works fine if you direct it towards a root server. But doesn't seem to work if using record that responds via AAAA. But works with roots.

Guest

@johnpoz:

exactly ;)

But it doesn't seem to be a big bug - and its only windows related. Works fine on freebsd and linux.. And you can just use @ipv6ip to make query via ipv6.

their -6@ipv6fqdn works fine if you direct it towards a root server. But doesn't seem to work if using record that responds via AAAA. But works with roots.

Surely you're not saying that Redmond have broken something? That's so unlike them. 8)

bimmerdriver

I was away for a week and during that time, the systems were idle. When I returned on Monday evening, I updated pfsense and after that, I noticed the problem was gone. (I did not check for it before I updated.) It stayed that way (i.e., nslookup was working) until the most recent update I applied earlier this evening, when the problem returned. I have not made any configuration changes with pfsense or the clients during this time.

C:\Users\User>nslookup google.com
Server:  pfSense.localdomain
Address:  2001:x:y:z:215:5dff:fe5c:e205

Non-authoritative answer:
Name:    google.com
Addresses:  2607:f8b0:400a:807::200e
          216.58.216.174

C:\Users\User>nslookup google.com
Server:  UnKnown
Address:  2001:x:y:z:215:5dff:fe5c:e205

*** UnKnown can't find google.com: Query refused

The first query from before the update shows nslookup working. The second query from after the update shows nslookup not working.

Here is output from dig:

C:\Users\User>dig -4 google.com

; <<>> DiG 9.10.5-P1 <<>> -4 google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19407
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com.                    IN      A

;; ANSWER SECTION:
google.com.             300     IN      A       216.58.193.78

;; Query time: 15 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Thu Jul 06 20:48:55 Pacific Daylight Time 2017
;; MSG SIZE  rcvd: 55

C:\Users\User>dig @2001:x:y:z:215:5dff:fe5c:e205 google.com

; <<>> DiG 9.10.5-P1 <<>> @2001:x:y:z:215:5dff:fe5c:e205 google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 53421
;; flags: qr rd ad; QUERY: 0, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; Query time: 14 msec
;; SERVER: 2001:x:y:z:215:5dff:fe5c:e205#53(2001:x:y:z:215:5dff:fe5c:e205)
;; WHEN: Thu Jul 06 20:49:24 Pacific Daylight Time 2017
;; MSG SIZE  rcvd: 12

Note status: REFUSED, WARNING: recursion requested but not available

I tried this on two different windows 10 clients. They both behave exactly the same. When they are connected to my pfsense 2.3.4 system, nslookup works. When they are connected to my pfsense 2.4 beta system, nslookup does not work.

It's possible to ping 4/6 the the clients from pfsense and from other clients. It's possible to ping 4/6 pfsense from both clients. It's possible to ping 4/6 and traceroute 4/6 google.com from the clients. I tried flushing the dns on the clients. dns lookup google.com from pfsense works. The only apparent issue is nslookup.

All unbound settings are defaults. Previously, I tried enabling an ACL, but that made no difference. DNS servers are not being overridden by dhcp or dhcpv6 or in general settings. Allow DNS server override is unchecked.

I made zero changes to pfsense other than updating. Is it possible that this problem is related to the unbound changes?

If anyone has any suggestions to determine what's causing the problem, let me know.

bimmerdriver

I've noticed through the last couple of snapshot updates that after the reboot, it's not working (nslookup and dig @ipv6). If I restart unbound, it works afterwards. I looked in the log and there aren't any messages that indicate any problems.

The lower three messages are from the reboot after the update. The upper three messages are from restarting unbound.

Jul 9 10:06:31	unbound	49140:0	info: start of service (unbound 1.6.3).
Jul 9 10:06:31	unbound	49140:0	notice: init module 1: iterator
Jul 9 10:06:31	unbound	49140:0	notice: init module 0: validator
Jul 9 10:02:37	unbound	19726:0	info: start of service (unbound 1.6.3).
Jul 9 10:02:37	unbound	19726:0	notice: init module 1: iterator
Jul 9 10:02:37	unbound	19726:0	notice: init module 0: validator

johnpoz

And what snap are you on exactly? What was the last snap that worked? Just did some basic ipv6 dns testing with

Current snap..
2.4.0-BETA (amd64)
built on Mon Jul 10 04:15:22 CDT 2017
FreeBSD 11.0-RELEASE-p10

Going to need some actual info to work with. What log level do you have set in unbound? If that is all your seeing my guess would be 0, change it to 1 or 2 are you seeing errors now? Up it so can see some more info. Check to see that your listening on ipv6.. See attached.

Do you have your unbound set to listen on all interfaces or did you select specific ones? Looks like having an issue binding to my lan link-local address

Jul 10 07:47:09 unbound 58917:0 error: can't bind socket: Can't assign requested address for fe80::250:56ff:fe00:1
Jul 10 07:47:09 unbound 58917:0 error: can't bind socket: Can't assign requested address for fe80::250:56ff:fe00:1
Jul 10 07:47:09 unbound 58917:1 error: can't bind socket: Can't assign requested address for fe80::250:56ff:fe00:1
Jul 10 07:47:09 unbound 58917:0 error: can't bind socket: Can't assign requested address for fe80::250:56ff:fe00:1
Jul 10 07:47:09 unbound 58917:1 error: can't bind socket: Can't assign requested address for fe80::250:56ff:fe00:1
Jul 10 07:47:09 unbound 58917:0 error: can't bind socket: Can't assign requested address for fe80::250:56ff:fe00:1
Jul 10 07:47:09 unbound 58917:0 error: can't bind socket: Can't assign requested address for fe80::250:56ff:fe00:1

But still able to query it via its actual global IPv6 address.. With the info you have provided there is zero chance of anyone helping you..

listenipv6.png_thumb

ipv6dnsquery.png_thumb

bimmerdriver

The snapshot is Sun Jul 09 02:22:35 CDT 2017. At the moment, it's still working properly. nslookup returns a result and dig will return the a and aaaa records using either ipv4 or ipv6. My linux box is also working properly. All unbound settings are default. The log level is 1 so apparently, that's the default. I bumped it up to 2. It generates a lot more messages. Nothing that appears to be erroneous.

bimmerdriver

I updated to the latest snapshot and found that the problem returned after the reboot. With unbound logging at 2, there are a lot of messages including some errors (error sending query to auth server <ipv6 address="">port 53).

Here are the contents of the log in reverse chronological order (newest first). If you scroll down to the bottom, you will see the errors.

Jul 10 13:02:49	unbound	18407:1	info: validation success wpad.localdomain. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: validate(nxdomain): sec_status_secure
Jul 10 13:02:49	unbound	18407:1	info: query response was NXDOMAIN ANSWER
Jul 10 13:02:49	unbound	18407:1	info: reply from <.> 2001:7fd::1#53
Jul 10 13:02:49	unbound	18407:1	info: response for wpad.localdomain. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: validation success wpad.localdomain. A IN
Jul 10 13:02:49	unbound	18407:0	info: validate(nxdomain): sec_status_secure
Jul 10 13:02:49	unbound	18407:0	info: query response was NXDOMAIN ANSWER
Jul 10 13:02:49	unbound	18407:0	info: reply from <.> 2001:500:2f::f#53
Jul 10 13:02:49	unbound	18407:0	info: response for wpad.localdomain. A IN
Jul 10 13:02:49	unbound	18407:0	info: resolving wpad.localdomain. A IN
Jul 10 13:02:49	unbound	18407:1	info: resolving wpad.localdomain. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: Verified that unsigned response is INSECURE
Jul 10 13:02:49	unbound	18407:1	info: NSEC3s for the referral proved no DS.
Jul 10 13:02:49	unbound	18407:1	info: Verified that unsigned response is INSECURE
Jul 10 13:02:49	unbound	18407:1	info: NSEC3s for the referral proved no DS.
Jul 10 13:02:49	unbound	18407:1	info: validated DNSKEY net. DNSKEY IN
Jul 10 13:02:49	unbound	18407:1	info: validated DNSKEY net. DNSKEY IN
Jul 10 13:02:49	unbound	18407:1	info: query response was ANSWER
Jul 10 13:02:49	unbound	18407:1	info: reply from <net.> 192.31.80.30#53
Jul 10 13:02:49	unbound	18407:1	info: response for net. DNSKEY IN
Jul 10 13:02:49	unbound	18407:0	info: Verified that unsigned response is INSECURE
Jul 10 13:02:49	unbound	18407:0	info: NSEC3s for the referral proved no DS.
Jul 10 13:02:49	unbound	18407:0	info: Verified that unsigned response is INSECURE
Jul 10 13:02:49	unbound	18407:0	info: NSEC3s for the referral proved no DS.
Jul 10 13:02:49	unbound	18407:0	info: validated DNSKEY net. DNSKEY IN
Jul 10 13:02:49	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:49	unbound	18407:0	info: reply from <net.> 2001:503:39c1::30#53
Jul 10 13:02:49	unbound	18407:0	info: response for net. DNSKEY IN
Jul 10 13:02:49	unbound	18407:1	info: validated DS net. DS IN
Jul 10 13:02:49	unbound	18407:1	info: query response was ANSWER
Jul 10 13:02:49	unbound	18407:1	info: reply from <c-msedge.net.> 13.107.4.2#53
Jul 10 13:02:49	unbound	18407:1	info: response for ipv6.msftconnecttest.com. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: resolving net. DNSKEY IN
Jul 10 13:02:49	unbound	18407:1	info: validated DS net. DS IN
Jul 10 13:02:49	unbound	18407:1	info: query response was nodata ANSWER
Jul 10 13:02:49	unbound	18407:1	info: reply from <c-msedge.net.> 13.107.4.2#53
Jul 10 13:02:49	unbound	18407:1	info: response for ipv6.msftconnecttest.com. A IN
Jul 10 13:02:49	unbound	18407:0	info: resolving net. DNSKEY IN
Jul 10 13:02:49	unbound	18407:0	info: validated DS net. DS IN
Jul 10 13:02:49	unbound	18407:0	info: Verified that unsigned response is INSECURE
Jul 10 13:02:49	unbound	18407:0	info: NSEC3s for the referral proved no DS.
Jul 10 13:02:49	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:49	unbound	18407:0	info: reply from <c-msedge.net.> 13.107.4.1#53
Jul 10 13:02:49	unbound	18407:0	info: response for ipv6.msftconnecttest.com. A IN
Jul 10 13:02:49	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:49	unbound	18407:0	info: reply from <c-msedge.net.> 13.107.4.2#53
Jul 10 13:02:49	unbound	18407:0	info: response for ns2.c-msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:49	unbound	18407:0	info: reply from <c-msedge.net.> 13.107.4.2#53
Jul 10 13:02:49	unbound	18407:0	info: response for ns1.c-msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: query response was nodata ANSWER
Jul 10 13:02:49	unbound	18407:1	info: reply from <c-msedge.net.> 13.107.4.2#53
Jul 10 13:02:49	unbound	18407:1	info: response for ns1.c-msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: resolving ns2.c-msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: resolving ipv6.msftconnecttest.com. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: query response was CNAME
Jul 10 13:02:49	unbound	18407:1	info: reply from <c-msedge.net.> 13.107.4.2#53
Jul 10 13:02:49	unbound	18407:1	info: response for ipv6.msftconnecttest.com. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: query response was nodata ANSWER
Jul 10 13:02:49	unbound	18407:1	info: reply from <c-msedge.net.> 13.107.4.1#53
Jul 10 13:02:49	unbound	18407:1	info: response for ns2.c-msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: resolving ipv6.msftconnecttest.com. A IN
Jul 10 13:02:49	unbound	18407:1	info: resolving ipv6.msftconnecttest.com. A IN
Jul 10 13:02:49	unbound	18407:1	info: query response was CNAME
Jul 10 13:02:49	unbound	18407:1	info: reply from <msedge.net.> 204.79.197.2#53
Jul 10 13:02:49	unbound	18407:1	info: response for ipv6.msftconnecttest.com. A IN
Jul 10 13:02:49	unbound	18407:0	info: resolving ipv6.msftconnecttest.com. A IN
Jul 10 13:02:49	unbound	18407:0	info: query response was CNAME
Jul 10 13:02:49	unbound	18407:0	info: reply from <c-msedge.net.> 13.107.4.2#53
Jul 10 13:02:49	unbound	18407:0	info: response for ipv6.msftconnecttest.com. A IN
Jul 10 13:02:49	unbound	18407:1	info: resolving ns1.c-msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: resolving ns1.c-msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: resolving ns2.c-msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: resolving ns2.c-msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: query response was REFERRAL
Jul 10 13:02:49	unbound	18407:1	info: reply from <net.> 2001:503:39c1::30#53
Jul 10 13:02:49	unbound	18407:1	info: response for ipv6.msftconnecttest.com. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: resolving ns1.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: resolving ns3.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: resolving ns2.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:49	unbound	18407:0	info: reply from <net.> 2001:500:856e::30#53
Jul 10 13:02:49	unbound	18407:0	info: response for ipv6.msftconnecttest.com. A IN
Jul 10 13:02:49	unbound	18407:1	info: query response was REFERRAL
Jul 10 13:02:49	unbound	18407:1	info: reply from <net.> 2001:503:d2d::30#53
Jul 10 13:02:49	unbound	18407:1	info: response for ipv6.msftconnecttest.com. A IN
Jul 10 13:02:49	unbound	18407:1	info: query response was nodata ANSWER
Jul 10 13:02:49	unbound	18407:1	info: reply from <msedge.net.> 204.79.197.1#53
Jul 10 13:02:49	unbound	18407:1	info: response for ns1.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: query response was nodata ANSWER
Jul 10 13:02:49	unbound	18407:1	info: reply from <msedge.net.> 204.79.197.1#53
Jul 10 13:02:49	unbound	18407:1	info: response for ns3.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:49	unbound	18407:0	info: reply from <msedge.net.> 131.253.21.1#53
Jul 10 13:02:49	unbound	18407:0	info: response for ns1.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: query response was nodata ANSWER
Jul 10 13:02:49	unbound	18407:1	info: reply from <msedge.net.> 204.79.197.2#53
Jul 10 13:02:49	unbound	18407:1	info: response for ns4.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:49	unbound	18407:1	info: query response was nodata ANSWER
Jul 10 13:02:49	unbound	18407:1	info: reply from <msedge.net.> 131.253.21.2#53
Jul 10 13:02:49	unbound	18407:1	info: response for ns2.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: reply from <msedge.net.> 131.253.21.2#53
Jul 10 13:02:49	unbound	18407:0	info: response for ns4.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:49	unbound	18407:0	info: reply from <msedge.net.> 204.79.197.2#53
Jul 10 13:02:49	unbound	18407:0	info: response for ns2.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: resolving ipv6.msftconnecttest.com. A IN
Jul 10 13:02:49	unbound	18407:0	info: query response was CNAME
Jul 10 13:02:49	unbound	18407:0	info: reply from <msedge.net.> 131.253.21.2#53
Jul 10 13:02:49	unbound	18407:0	info: response for ipv6.msftconnecttest.com. A IN
Jul 10 13:02:49	unbound	18407:1	info: resolving ipv6.msftconnecttest.com. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:49	unbound	18407:1	info: query response was CNAME
Jul 10 13:02:49	unbound	18407:1	info: reply from <msedge.net.> 131.253.21.2#53
Jul 10 13:02:49	unbound	18407:1	info: response for ipv6.msftconnecttest.com. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: reply from <msedge.net.> 131.253.21.2#53
Jul 10 13:02:49	unbound	18407:0	info: response for ns3.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: resolving ns4.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: resolving ns1.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: resolving ns1.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: resolving ns3.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: resolving ns4.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: resolving ns2.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: resolving ns2.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:1	info: query response was REFERRAL
Jul 10 13:02:49	unbound	18407:1	info: reply from <net.> 2001:500:d937::30#53
Jul 10 13:02:49	unbound	18407:1	info: response for ipv6.msftconnecttest.com. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: resolving ns3.msedge.net. AAAA IN
Jul 10 13:02:49	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:49	unbound	18407:1	info: resolving ipv6.msftconnecttest.com. A IN
Jul 10 13:02:49	unbound	18407:0	info: reply from <net.> 2001:503:231d::2:30#53
Jul 10 13:02:49	unbound	18407:0	info: response for ipv6.msftconnecttest.com. A IN
Jul 10 13:02:49	unbound	18407:1	info: query response was CNAME
Jul 10 13:02:49	unbound	18407:1	info: reply from <msftconnecttest.com.> 208.84.2.53#53
Jul 10 13:02:49	unbound	18407:1	info: response for ipv6.msftconnecttest.com. A IN
Jul 10 13:02:48	unbound	18407:1	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:1	info: reply from <com.> 192.41.162.30#53
Jul 10 13:02:48	unbound	18407:1	info: response for ipv6.msftconnecttest.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ipv6.msftconnecttest.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was CNAME
Jul 10 13:02:48	unbound	18407:0	info: reply from <msftconnecttest.com.> 2620:0:34::53#53
Jul 10 13:02:48	unbound	18407:0	info: response for ipv6.msftconnecttest.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <pch.net.> 2620:0:872::231:3#53
Jul 10 13:02:48	unbound	18407:0	info: response for anyns.pch.net. A IN
Jul 10 13:02:48	unbound	18407:1	info: resolving ipv6.msftconnecttest.com. AAAA IN
Jul 10 13:02:48	unbound	18407:1	info: query response was CNAME
Jul 10 13:02:48	unbound	18407:1	info: reply from <msftconnecttest.com.> 193.221.113.53#53
Jul 10 13:02:48	unbound	18407:1	info: response for ipv6.msftconnecttest.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <com.> 192.55.83.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for ipv6.msftconnecttest.com. A IN
Jul 10 13:02:48	unbound	18407:1	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:1	info: reply from <com.> 2001:500:d937::30#53
Jul 10 13:02:48	unbound	18407:1	info: response for ipv6.msftconnecttest.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <g.ntpns.org.> 89.36.18.22#53
Jul 10 13:02:48	unbound	18407:0	info: response for g.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <edu-servers.net.> 2001:500:126::30#53
Jul 10 13:02:48	unbound	18407:0	info: response for c.edu-servers.net. AAAA IN
Jul 10 13:02:48	unbound	18407:1	info: resolving ipv6.msftconnecttest.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <pool.ntp.org.> 94.242.223.210#53
Jul 10 13:02:48	unbound	18407:0	info: response for 0.pfsense.pool.ntp.org. AAAA IN
Jul 10 13:02:48	unbound	18407:1	info: resolving ipv6.msftconnecttest.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ipv6.msftconnecttest.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <nstld.com.> 2001:500:127::30#53
Jul 10 13:02:48	unbound	18407:0	info: response for av2.nstld.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <g.ntpns.org.> 207.171.17.42#53
Jul 10 13:02:48	unbound	18407:0	info: response for g.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <edu-servers.net.> 192.42.178.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for f.edu-servers.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <edu-servers.net.> 192.82.133.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for d.edu-servers.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <edu-servers.net.> 192.82.134.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for a.edu-servers.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <bitnames.com.> 2a01:608:ffff:a011::200#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns-g2.bitnames.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <lightlink.com.> 64.57.176.2#53
Jul 10 13:02:48	unbound	18407:0	info: response for light.lightlink.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <bitnames.com.> 94.242.223.200#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns1.eu.bitnames.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntpns.org.> 107.170.182.174#53
Jul 10 13:02:48	unbound	18407:0	info: response for g.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <nstld.com.> 2001:500:127::30#53
Jul 10 13:02:48	unbound	18407:0	info: response for av2.nstld.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <iecc.com.> 64.57.176.2#53
Jul 10 13:02:48	unbound	18407:0	info: response for sdn.iecc.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <nstld.com.> 192.42.177.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for av3.nstld.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <bitnames.com.> 2001:500:90:1::20#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns2.us.bitnames.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <nstld.com.> 2001:500:126::30#53
Jul 10 13:02:48	unbound	18407:0	info: response for av3.nstld.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <com.> 192.54.112.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns2.us.bitnames.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <bitnames.com.> 92.243.1.21#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns1.eu.bitnames.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <bitnames.com.> 207.171.3.21#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns-g2.bitnames.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntpns.org.> 208.78.70.20#53
Jul 10 13:02:48	unbound	18407:0	info: response for b.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <pch.net.> 2001:418:3f4::5#53
Jul 10 13:02:48	unbound	18407:0	info: response for anyns.pch.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntpns.org.> 2001:500:94:1::20#53
Jul 10 13:02:48	unbound	18407:0	info: response for g.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntpns.org.> 204.13.251.20#53
Jul 10 13:02:48	unbound	18407:0	info: response for b.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <com.> 192.52.178.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for av2.nstld.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntpns.org.> 2607:f238:2::53:21#53
Jul 10 13:02:48	unbound	18407:0	info: response for d.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns4.p20.dynect.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns2.p20.dynect.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving b.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns4.p20.dynect.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns2.p20.dynect.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns2.us.bitnames.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving g.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving g.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving b.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving 0.pfsense.pool.ntp.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: Verified that unsigned response is INSECURE
Jul 10 13:02:48	unbound	18407:0	info: NSEC3s for the referral proved no DS.
Jul 10 13:02:48	unbound	18407:0	info: validated DNSKEY org. DNSKEY IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <org.> 199.19.53.1#53
Jul 10 13:02:48	unbound	18407:0	info: response for org. DNSKEY IN
Jul 10 13:02:48	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <dynamicnetworkservices.net.> 108.59.165.1#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns4.dynamicnetworkservices.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <bitnames.com.> 208.78.70.20#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns1.us.bitnames.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <udel.edu.> 128.175.13.17#53
Jul 10 13:02:48	unbound	18407:0	info: response for dns1.udel.edu. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <com.> 192.54.112.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns-g2.bitnames.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <com.> 192.52.178.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for light.lightlink.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <com.> 2001:503:d2d::30#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns1.us.bitnames.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <com.> 192.5.6.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for av3.nstld.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <com.> 192.54.112.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for sdn.iecc.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <bitnames.com.> 2607:f238:2::53:21#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns1.us.bitnames.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <net.> 2001:503:d2d::30#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns4.dynamicnetworkservices.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntpns.org.> 204.13.250.20#53
Jul 10 13:02:48	unbound	18407:0	info: response for c.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <dynect.net.> 2a02:e180:8::1#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns4.p20.dynect.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <net.> 192.26.92.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for anyns.pch.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <net.> 192.48.79.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for d.edu-servers.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <dynect.net.> 2600:2000:1000::21#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns3.p20.dynect.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntpns.org.> 204.13.250.20#53
Jul 10 13:02:48	unbound	18407:0	info: response for c.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntpns.org.> 204.13.251.20#53
Jul 10 13:02:48	unbound	18407:0	info: response for e.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <org.> 2001:500:b::1#53
Jul 10 13:02:48	unbound	18407:0	info: response for e.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <udel.edu.> 2607:f470:1002::2:3#53
Jul 10 13:02:48	unbound	18407:0	info: response for dns2.udel.edu. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <udel.edu.> 2607:f470:1003::3:c#53
Jul 10 13:02:48	unbound	18407:0	info: response for dns1.udel.edu. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <org.> 2001:500:e::1#53
Jul 10 13:02:48	unbound	18407:0	info: response for c.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <com.> 192.26.92.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns1.us.bitnames.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <net.> 192.5.6.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for a.edu-servers.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving org. DNSKEY IN
Jul 10 13:02:48	unbound	18407:0	info: validated DS org. DS IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <pool.ntp.org.> 173.255.139.202#53
Jul 10 13:02:48	unbound	18407:0	info: response for 0.pfsense.pool.ntp.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <com.> 192.31.80.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns-g2.bitnames.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <com.> 192.42.93.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns1.eu.bitnames.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <org.> 2001:500:b::1#53
Jul 10 13:02:48	unbound	18407:0	info: response for c.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <bitnames.com.> 204.13.250.20#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns2.us.bitnames.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <dynamicnetworkservices.net.> 108.59.165.1#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns2.dynamicnetworkservices.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <com.> 192.35.51.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for av2.nstld.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <edu.> 192.35.51.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for dns1.udel.edu. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntpns.org.> 204.61.216.4#53
Jul 10 13:02:48	unbound	18407:0	info: response for d.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntpns.org.> 208.78.71.20#53
Jul 10 13:02:48	unbound	18407:0	info: response for f.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <com.> 2001:503:39c1::30#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns2.us.bitnames.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntpns.org.> 208.78.71.20#53
Jul 10 13:02:48	unbound	18407:0	info: response for i.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntpns.org.> 204.13.251.20#53
Jul 10 13:02:48	unbound	18407:0	info: response for h.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntpns.org.> 208.78.71.20#53
Jul 10 13:02:48	unbound	18407:0	info: response for f.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntpns.org.> 208.78.71.20#53
Jul 10 13:02:48	unbound	18407:0	info: response for h.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntpns.org.> 204.61.216.4#53
Jul 10 13:02:48	unbound	18407:0	info: response for i.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <org.> 199.19.57.1#53
Jul 10 13:02:48	unbound	18407:0	info: response for d.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <net.> 192.55.83.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns2.dynamicnetworkservices.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <iecc.com.> 72.249.171.254#53
Jul 10 13:02:48	unbound	18407:0	info: response for sdn.iecc.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <dynect.net.> 208.78.71.136#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns1.p20.dynect.net. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <com.> 2001:502:8cc::30#53
Jul 10 13:02:48	unbound	18407:0	info: response for av3.nstld.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <dynect.net.> 208.78.71.136#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns1.p20.dynect.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <com.> 2001:502:8cc::30#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns1.eu.bitnames.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <dynect.net.> 204.13.250.136#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns2.p20.dynect.net. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving f.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns2.us.bitnames.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving i.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns2.us.bitnames.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving h.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving f.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving i.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving h.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntpns.org.> 208.78.71.20#53
Jul 10 13:02:48	unbound	18407:0	info: response for e.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving av3.nstld.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving av3.nstld.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <net.> 192.55.83.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for c.edu-servers.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns1.eu.bitnames.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns1.p20.dynect.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns1.p20.dynect.net. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns1.eu.bitnames.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <dynect.net.> 204.13.251.136#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns3.p20.dynect.net. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <net.> 2001:502:8cc::30#53
Jul 10 13:02:48	unbound	18407:0	info: response for anyns.pch.net. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <dynect.net.> 162.88.61.21#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns4.p20.dynect.net. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns3.p20.dynect.net. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving anyns.pch.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving anyns.pch.net. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns3.p20.dynect.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <dynect.net.> 2001:500:90:1::136#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns2.p20.dynect.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <net.> 2001:500:d937::30#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns4.p20.dynect.net. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving dns2.udel.edu. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <edu.> 192.35.51.30#53
Jul 10 13:02:48	unbound	18407:0	info: response for dns1.udel.edu. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns2.p20.dynect.net. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns2.p20.dynect.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <org.> 2001:500:c::1#53
Jul 10 13:02:48	unbound	18407:0	info: response for e.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <everett.org.> 66.220.13.230#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns2.everett.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:48	unbound	18407:0	info: reply from <everett.org.> 66.220.13.230#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns1.everett.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving av2.nstld.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving av2.nstld.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <net.> 2001:502:8cc::30#53
Jul 10 13:02:48	unbound	18407:0	info: response for f.edu-servers.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving light.lightlink.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <com.> 2001:502:7094::30#53
Jul 10 13:02:48	unbound	18407:0	info: response for sdn.iecc.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns1.us.bitnames.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns-g2.bitnames.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns-g2.bitnames.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns1.us.bitnames.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <org.> 2001:500:40::1#53
Jul 10 13:02:48	unbound	18407:0	info: response for d.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving a.edu-servers.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving f.edu-servers.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <.> 192.33.4.12#53
Jul 10 13:02:48	unbound	18407:0	info: response for dns1.udel.edu. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving sdn.iecc.com. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving sdn.iecc.com. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns2.everett.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <org.> 199.19.54.1#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns1.everett.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving c.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving e.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving e.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving d.ntpns.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving d.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving c.ntpns.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <ntp.org.> 66.220.13.229#53
Jul 10 13:02:48	unbound	18407:0	info: response for 0.pfsense.pool.ntp.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns2.dynamicnetworkservices.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns4.dynamicnetworkservices.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <net.> 2001:503:d414::30#53
Jul 10 13:02:48	unbound	18407:0	info: response for ns4.p20.dynect.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving c.edu-servers.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving d.edu-servers.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <.> 192.5.5.241#53
Jul 10 13:02:48	unbound	18407:0	info: response for dns1.udel.edu. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns4.p20.dynect.net. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving dns1.udel.edu. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving dns1.udel.edu. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns4.p20.dynect.net. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: resolving ns1.everett.org. AAAA IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <org.> 2001:500:c::1#53
Jul 10 13:02:48	unbound	18407:0	info: response for 0.pfsense.pool.ntp.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:48	unbound	18407:0	info: reply from <.> 2001:dc3::35#53
Jul 10 13:02:48	unbound	18407:0	info: response for 0.pfsense.pool.ntp.org. A IN
Jul 10 13:02:48	unbound	18407:0	info: resolving 0.pfsense.pool.ntp.org. A IN
Jul 10 13:02:36	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:36	unbound	18407:0	info: reply from <msft.net.> 208.76.45.53#53
Jul 10 13:02:36	unbound	18407:0	info: response for ns2.msft.net. A IN
Jul 10 13:02:36	unbound	18407:0	info: error sending query to auth server 2620:0:37::53 port 53
Jul 10 13:02:36	unbound	18407:0	info: error sending query to auth server 2620:0:32::53 port 53
Jul 10 13:02:36	unbound	18407:0	info: error sending query to auth server 2620:0:34::53 port 53
Jul 10 13:02:36	unbound	18407:0	info: error sending query to auth server 2620:0:37::53 port 53
Jul 10 13:02:36	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:36	unbound	18407:0	info: reply from <net.> 192.41.162.30#53
Jul 10 13:02:36	unbound	18407:0	info: response for ns2.msft.net. A IN
Jul 10 13:02:36	unbound	18407:0	info: Verified that unsigned response is INSECURE
Jul 10 13:02:36	unbound	18407:0	info: NSEC3s for the referral proved no DS.
Jul 10 13:02:36	unbound	18407:0	info: Verified that unsigned response is INSECURE
Jul 10 13:02:36	unbound	18407:0	info: NSEC3s for the referral proved no DS.
Jul 10 13:02:36	unbound	18407:0	info: validated DNSKEY com. DNSKEY IN
Jul 10 13:02:36	unbound	18407:0	info: validated DNSKEY com. DNSKEY IN
Jul 10 13:02:36	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:36	unbound	18407:0	info: reply from <com.> 192.12.94.30#53
Jul 10 13:02:36	unbound	18407:0	info: response for com. DNSKEY IN
Jul 10 13:02:36	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:36	unbound	18407:0	info: reply from <msft.net.> 208.76.45.53#53
Jul 10 13:02:36	unbound	18407:0	info: response for ns4.msft.net. AAAA IN
Jul 10 13:02:36	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:36	unbound	18407:0	info: reply from <msft.net.> 193.221.113.53#53
Jul 10 13:02:36	unbound	18407:0	info: response for ns2.msft.net. AAAA IN
Jul 10 13:02:36	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:36	unbound	18407:0	info: reply from <msft.net.> 193.221.113.53#53
Jul 10 13:02:36	unbound	18407:0	info: response for ns3.msft.net. AAAA IN
Jul 10 13:02:36	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:36	unbound	18407:0	info: reply from <msft.net.> 208.76.45.53#53
Jul 10 13:02:36	unbound	18407:0	info: response for ns3.msft.net. A IN
Jul 10 13:02:36	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:36	unbound	18407:0	info: reply from <msft.net.> 208.84.2.53#53
Jul 10 13:02:36	unbound	18407:0	info: response for ns1.msft.net. A IN
Jul 10 13:02:36	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:36	unbound	18407:0	info: reply from <msft.net.> 208.76.45.53#53
Jul 10 13:02:36	unbound	18407:0	info: response for ns1.msft.net. AAAA IN
Jul 10 13:02:36	unbound	18407:0	info: validated DS com. DS IN
Jul 10 13:02:36	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:36	unbound	18407:0	info: reply from <msftncsi.com.> 208.76.45.53#53
Jul 10 13:02:36	unbound	18407:0	info: response for dns.msftncsi.com. AAAA IN
Jul 10 13:02:36	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:36	unbound	18407:0	info: reply from <net.> 192.48.79.30#53
Jul 10 13:02:36	unbound	18407:0	info: response for ns3.msft.net. AAAA IN
Jul 10 13:02:36	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:36	unbound	18407:0	info: reply from <net.> 192.54.112.30#53
Jul 10 13:02:36	unbound	18407:0	info: response for ns4.msft.net. AAAA IN
Jul 10 13:02:36	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:36	unbound	18407:0	info: reply from <net.> 192.5.6.30#53
Jul 10 13:02:36	unbound	18407:0	info: response for ns2.msft.net. AAAA IN
Jul 10 13:02:36	unbound	18407:0	info: error sending query to auth server 2620:0:32::53 port 53
Jul 10 13:02:36	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:36	unbound	18407:0	info: reply from <net.> 192.52.178.30#53
Jul 10 13:02:36	unbound	18407:0	info: response for ns3.msft.net. A IN
Jul 10 13:02:36	unbound	18407:0	info: error sending query to auth server 2001:500:d937::30 port 53
Jul 10 13:02:36	unbound	18407:0	info: error sending query to auth server 2001:501:b1f9::30 port 53
Jul 10 13:02:36	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:36	unbound	18407:0	info: reply from <.> 198.41.0.4#53
Jul 10 13:02:36	unbound	18407:0	info: response for ns2.msft.net. A IN
Jul 10 13:02:36	unbound	18407:0	info: error sending query to auth server 2620:0:30::53 port 53
Jul 10 13:02:36	unbound	18407:0	info: resolving ns1.msft.net. A IN
Jul 10 13:02:36	unbound	18407:0	info: resolving ns1.msft.net. AAAA IN
Jul 10 13:02:36	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:36	unbound	18407:0	info: reply from <msft.net.> 208.84.2.53#53
Jul 10 13:02:36	unbound	18407:0	info: response for ns4.msft.net. A IN
Jul 10 13:02:36	unbound	18407:0	info: error sending query to auth server 2001:503:231d::2:30 port 53
Jul 10 13:02:36	unbound	18407:0	info: resolving com. DNSKEY IN
Jul 10 13:02:36	unbound	18407:0	info: validated DS com. DS IN
Jul 10 13:02:36	unbound	18407:0	info: Successfully primed trust anchor . DNSKEY IN
Jul 10 13:02:36	unbound	18407:0	info: validate keys with anchor(DS): sec_status_secure
Jul 10 13:02:35	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:35	unbound	18407:0	info: reply from <.> 192.33.4.12#53
Jul 10 13:02:35	unbound	18407:0	info: response for . DNSKEY IN
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2620:0:32::53 port 53
Jul 10 13:02:35	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:35	unbound	18407:0	info: reply from <net.> 192.33.14.30#53
Jul 10 13:02:35	unbound	18407:0	info: response for ns4.msft.net. A IN
Jul 10 13:02:35	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:35	unbound	18407:0	info: reply from <.> 198.97.190.53#53
Jul 10 13:02:35	unbound	18407:0	info: response for ns2.msft.net. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:500:2d::d port 53
Jul 10 13:02:35	unbound	18407:0	info: resolving . DNSKEY IN
Jul 10 13:02:35	unbound	18407:0	info: prime trust anchor
Jul 10 13:02:35	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:35	unbound	18407:0	info: reply from <google.com.> 216.239.38.10#53
Jul 10 13:02:35	unbound	18407:0	info: response for clients4.google.com. A IN
Jul 10 13:02:35	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:35	unbound	18407:0	info: reply from <google.com.> 216.239.36.10#53
Jul 10 13:02:35	unbound	18407:0	info: response for ns1.google.com. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:35	unbound	18407:0	info: reply from <google.com.> 216.239.36.10#53
Jul 10 13:02:35	unbound	18407:0	info: response for ns4.google.com. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: resolving ns3.google.com. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: resolving clients4.google.com. A IN
Jul 10 13:02:35	unbound	18407:0	info: query response was CNAME
Jul 10 13:02:35	unbound	18407:0	info: reply from <google.com.> 216.239.36.10#53
Jul 10 13:02:35	unbound	18407:0	info: response for clients4.google.com. A IN
Jul 10 13:02:35	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:35	unbound	18407:0	info: reply from <.> 192.112.36.4#53
Jul 10 13:02:35	unbound	18407:0	info: response for ns4.msft.net. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:503:83eb::30 port 53
Jul 10 13:02:35	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:35	unbound	18407:0	info: reply from <.> 199.7.83.42#53
Jul 10 13:02:35	unbound	18407:0	info: response for ns4.msft.net. A IN
Jul 10 13:02:35	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:35	unbound	18407:0	info: reply from <.> 199.7.83.42#53
Jul 10 13:02:35	unbound	18407:0	info: response for ns3.msft.net. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:35	unbound	18407:0	info: reply from <google.com.> 216.239.34.10#53
Jul 10 13:02:35	unbound	18407:0	info: response for ns2.google.com. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: query response was nodata ANSWER
Jul 10 13:02:35	unbound	18407:0	info: reply from <google.com.> 216.239.38.10#53
Jul 10 13:02:35	unbound	18407:0	info: response for ns3.google.com. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: resolving ns2.google.com. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: resolving ns1.google.com. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: resolving ns4.google.com. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: resolving ns3.google.com. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:35	unbound	18407:0	info: reply from <com.> 192.55.83.30#53
Jul 10 13:02:35	unbound	18407:0	info: response for clients4.google.com. A IN
Jul 10 13:02:35	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:35	unbound	18407:0	info: reply from <.> 199.7.91.13#53
Jul 10 13:02:35	unbound	18407:0	info: response for ns3.msft.net. A IN
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:7fe::53 port 53
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:503:ba3e::2:30 port 53
Jul 10 13:02:35	unbound	18407:0	info: resolving ns2.msft.net. A IN
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:500:12::d0d port 53
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:500:1::53 port 53
Jul 10 13:02:35	unbound	18407:0	info: resolving ns4.msft.net. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:500:2::c port 53
Jul 10 13:02:35	unbound	18407:0	info: resolving ns4.msft.net. A IN
Jul 10 13:02:35	unbound	18407:0	info: resolving ns3.msft.net. A IN
Jul 10 13:02:35	unbound	18407:0	info: resolving ns3.msft.net. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:500:2::c port 53
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:7fd::1 port 53
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:7fe::53 port 53
Jul 10 13:02:35	unbound	18407:0	info: resolving ns2.msft.net. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:35	unbound	18407:0	info: reply from <com.> 192.33.14.30#53
Jul 10 13:02:35	unbound	18407:0	info: response for dns.msftncsi.com. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: resolving clients4.google.com. A IN
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:501:b1f9::30 port 53
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:503:231d::2:30 port 53
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:502:1ca1::30 port 53
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:503:39c1::30 port 53
Jul 10 13:02:35	unbound	18407:0	info: query response was REFERRAL
Jul 10 13:02:35	unbound	18407:0	info: reply from <.> 202.12.27.33#53
Jul 10 13:02:35	unbound	18407:0	info: response for dns.msftncsi.com. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:503:c27::2:30 port 53
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:500:a8::e port 53
Jul 10 13:02:35	unbound	18407:0	info: priming successful for . NS IN
Jul 10 13:02:35	unbound	18407:0	info: query response was ANSWER
Jul 10 13:02:35	unbound	18407:0	info: reply from <.> 192.58.128.30#53
Jul 10 13:02:35	unbound	18407:0	info: response for . NS IN
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:7fe::53 port 53
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:7fe::53 port 53
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:7fe::53 port 53
Jul 10 13:02:35	unbound	18407:0	info: error sending query to auth server 2001:500:2f::f port 53
Jul 10 13:02:35	unbound	18407:0	info: priming . IN NS
Jul 10 13:02:35	unbound	18407:0	info: resolving dns.msftncsi.com. AAAA IN
Jul 10 13:02:35	unbound	18407:0	info: start of service (unbound 1.6.3).
Jul 10 13:02:35	unbound	18407:0	notice: init module 1: iterator
Jul 10 13:02:35	unbound	18407:0	notice: init module 0: validator</com.></com.></google.com.></google.com.></google.com.></google.com.></google.com.></google.com.></net.></msft.net.></net.></net.></net.></net.></msftncsi.com.></msft.net.></msft.net.></msft.net.></msft.net.></msft.net.></msft.net.></com.></net.></msft.net.></org.></net.></ntp.org.></org.></org.></com.></net.></everett.org.></everett.org.></org.></edu.></net.></dynect.net.></dynect.net.></net.></dynect.net.></net.></ntpns.org.></dynect.net.></com.></dynect.net.></com.></dynect.net.></iecc.com.></net.></org.></ntpns.org.></ntpns.org.></ntpns.org.></ntpns.org.></ntpns.org.></com.></ntpns.org.></ntpns.org.></edu.></com.></dynamicnetworkservices.net.></bitnames.com.></org.></com.></com.></pool.ntp.org.></net.></com.></org.></udel.edu.></udel.edu.></org.></ntpns.org.></ntpns.org.></dynect.net.></net.></net.></dynect.net.></ntpns.org.></net.></bitnames.com.></com.></com.></com.></com.></com.></udel.edu.></bitnames.com.></dynamicnetworkservices.net.></org.></ntpns.org.></com.></ntpns.org.></ntpns.org.></pch.net.></ntpns.org.></bitnames.com.></bitnames.com.></com.></nstld.com.></bitnames.com.></nstld.com.></iecc.com.></nstld.com.></ntpns.org.></bitnames.com.></lightlink.com.></bitnames.com.></edu-servers.net.></edu-servers.net.></edu-servers.net.></g.ntpns.org.></nstld.com.></pool.ntp.org.></edu-servers.net.></g.ntpns.org.></com.></com.></msftconnecttest.com.></pch.net.></msftconnecttest.com.></com.></msftconnecttest.com.></net.></net.></msedge.net.></msedge.net.></msedge.net.></msedge.net.></msedge.net.></msedge.net.></msedge.net.></msedge.net.></msedge.net.></msedge.net.></net.></net.></net.></c-msedge.net.></msedge.net.></c-msedge.net.></c-msedge.net.></c-msedge.net.></c-msedge.net.></c-msedge.net.></c-msedge.net.></c-msedge.net.></c-msedge.net.></net.></net.>

I restarted unbound and nslookup and dig are working.

Here are the log messages from the restart. There are no errors.

Jul 10 13:11:01	unbound	85831:1	info: query response was ANSWER
Jul 10 13:11:01	unbound	85831:1	info: reply from <netgate.com.> 2610:1c1:3::108#53
Jul 10 13:11:01	unbound	85831:1	info: response for files00.netgate.com. AAAA IN
Jul 10 13:11:01	unbound	85831:1	info: resolving files00.netgate.com. AAAA IN
Jul 10 13:11:01	unbound	85831:1	info: Verified that unsigned response is INSECURE
Jul 10 13:11:01	unbound	85831:1	info: NSEC3s for the referral proved no DS.
Jul 10 13:11:01	unbound	85831:1	info: query response was ANSWER
Jul 10 13:11:01	unbound	85831:1	info: reply from <netgate.com.> 2610:160:11:3::6#53
Jul 10 13:11:01	unbound	85831:1	info: response for files00.netgate.com. A IN
Jul 10 13:11:01	unbound	85831:0	info: query response was nodata ANSWER
Jul 10 13:11:01	unbound	85831:0	info: reply from <google.com.> 216.239.32.10#53
Jul 10 13:11:01	unbound	85831:0	info: response for ns3.google.com. AAAA IN
Jul 10 13:11:01	unbound	85831:0	info: query response was ANSWER
Jul 10 13:11:01	unbound	85831:0	info: reply from <google.com.> 216.239.34.10#53
Jul 10 13:11:01	unbound	85831:0	info: response for google.com. AAAA IN
Jul 10 13:11:01	unbound	85831:0	info: query response was nodata ANSWER
Jul 10 13:11:01	unbound	85831:0	info: reply from <google.com.> 216.239.36.10#53
Jul 10 13:11:01	unbound	85831:0	info: response for ns1.google.com. AAAA IN
Jul 10 13:11:01	unbound	85831:0	info: resolving ns2.google.com. AAAA IN
Jul 10 13:11:01	unbound	85831:0	info: resolving ns4.google.com. AAAA IN
Jul 10 13:11:01	unbound	85831:0	info: resolving google.com. AAAA IN
Jul 10 13:11:01	unbound	85831:0	info: Verified that unsigned response is INSECURE
Jul 10 13:11:01	unbound	85831:0	info: NSEC3s for the referral proved no DS.
Jul 10 13:11:01	unbound	85831:0	info: validated DNSKEY com. DNSKEY IN
Jul 10 13:11:01	unbound	85831:0	info: query response was ANSWER
Jul 10 13:11:01	unbound	85831:0	info: reply from <com.> 2001:503:39c1::30#53
Jul 10 13:11:01	unbound	85831:0	info: response for com. DNSKEY IN
Jul 10 13:11:01	unbound	85831:0	info: query response was nodata ANSWER
Jul 10 13:11:01	unbound	85831:0	info: reply from <google.com.> 216.239.34.10#53
Jul 10 13:11:01	unbound	85831:0	info: response for ns4.google.com. AAAA IN
Jul 10 13:11:01	unbound	85831:0	info: resolving com. DNSKEY IN
Jul 10 13:11:01	unbound	85831:0	info: validated DS com. DS IN
Jul 10 13:11:01	unbound	85831:0	info: query response was ANSWER
Jul 10 13:11:01	unbound	85831:0	info: reply from <google.com.> 216.239.34.10#53
Jul 10 13:11:01	unbound	85831:0	info: response for google.com. A IN
Jul 10 13:11:01	unbound	85831:0	info: query response was nodata ANSWER
Jul 10 13:11:01	unbound	85831:0	info: reply from <google.com.> 216.239.38.10#53
Jul 10 13:11:01	unbound	85831:0	info: response for ns2.google.com. AAAA IN
Jul 10 13:11:01	unbound	85831:1	info: resolving files00.netgate.com. A IN
Jul 10 13:11:01	unbound	85831:1	info: Verified that unsigned response is INSECURE
Jul 10 13:11:01	unbound	85831:1	info: NSEC3s for the referral proved no DS.
Jul 10 13:11:01	unbound	85831:1	info: query response was ANSWER
Jul 10 13:11:01	unbound	85831:1	info: reply from <pfsense.org.> 192.207.126.6#53
Jul 10 13:11:01	unbound	85831:1	info: response for _https._tcp.beta.pfsense.org. SRV IN
Jul 10 13:11:01	unbound	85831:0	info: resolving ns1.google.com. AAAA IN
Jul 10 13:11:01	unbound	85831:0	info: resolving ns4.google.com. AAAA IN
Jul 10 13:11:01	unbound	85831:0	info: resolving ns3.google.com. AAAA IN
Jul 10 13:11:01	unbound	85831:0	info: resolving ns2.google.com. AAAA IN
Jul 10 13:11:01	unbound	85831:0	info: query response was REFERRAL
Jul 10 13:11:01	unbound	85831:0	info: reply from <com.> 192.55.83.30#53
Jul 10 13:11:01	unbound	85831:0	info: response for google.com. A IN
Jul 10 13:11:01	unbound	85831:1	info: resolving _https._tcp.beta.pfsense.org. SRV IN
Jul 10 13:11:01	unbound	85831:0	info: resolving google.com. A IN
Jul 10 13:11:01	unbound	85831:0	info: validation success google.com.localdomain. AAAA IN
Jul 10 13:11:01	unbound	85831:0	info: validate(nxdomain): sec_status_secure
Jul 10 13:11:01	unbound	85831:0	info: query response was NXDOMAIN ANSWER
Jul 10 13:11:01	unbound	85831:0	info: reply from <.> 2001:500:a8::e#53
Jul 10 13:11:01	unbound	85831:0	info: response for google.com.localdomain. AAAA IN
Jul 10 13:11:01	unbound	85831:0	info: resolving google.com.localdomain. AAAA IN
Jul 10 13:11:01	unbound	85831:0	info: validation success google.com.localdomain. A IN
Jul 10 13:11:01	unbound	85831:0	info: validate(nxdomain): sec_status_secure
Jul 10 13:11:01	unbound	85831:0	info: query response was NXDOMAIN ANSWER
Jul 10 13:11:01	unbound	85831:0	info: reply from <.> 192.5.5.241#53
Jul 10 13:11:01	unbound	85831:0	info: response for google.com.localdomain. A IN
Jul 10 13:11:01	unbound	85831:0	info: resolving google.com.localdomain. A IN
Jul 10 13:10:52	unbound	85831:0	info: Verified that unsigned response is INSECURE
Jul 10 13:10:52	unbound	85831:0	info: NSEC3s for the referral proved no DS.
Jul 10 13:10:52	unbound	85831:0	info: Verified that unsigned response is INSECURE
Jul 10 13:10:52	unbound	85831:0	info: NSEC3s for the referral proved no DS.
Jul 10 13:10:52	unbound	85831:0	info: validated DNSKEY org. DNSKEY IN
Jul 10 13:10:52	unbound	85831:0	info: validated DNSKEY org. DNSKEY IN
Jul 10 13:10:52	unbound	85831:0	info: query response was ANSWER
Jul 10 13:10:52	unbound	85831:0	info: reply from <org.> 2001:500:e::1#53
Jul 10 13:10:52	unbound	85831:0	info: response for org. DNSKEY IN
Jul 10 13:10:52	unbound	85831:0	info: resolving org. DNSKEY IN
Jul 10 13:10:52	unbound	85831:0	info: validated DS org. DS IN
Jul 10 13:10:52	unbound	85831:0	info: validated DS org. DS IN
Jul 10 13:10:52	unbound	85831:0	info: Successfully primed trust anchor . DNSKEY IN
Jul 10 13:10:52	unbound	85831:0	info: validate keys with anchor(DS): sec_status_secure
Jul 10 13:10:52	unbound	85831:1	info: resolving org. DNSKEY IN
Jul 10 13:10:52	unbound	85831:1	info: validated DS org. DS IN
Jul 10 13:10:52	unbound	85831:1	info: validated DS org. DS IN
Jul 10 13:10:52	unbound	85831:1	info: Successfully primed trust anchor . DNSKEY IN
Jul 10 13:10:52	unbound	85831:1	info: validate keys with anchor(DS): sec_status_secure
Jul 10 13:10:52	unbound	85831:0	info: Successfully primed trust anchor . DNSKEY IN
Jul 10 13:10:52	unbound	85831:0	info: validate keys with anchor(DS): sec_status_secure
Jul 10 13:10:52	unbound	85831:1	info: Successfully primed trust anchor . DNSKEY IN
Jul 10 13:10:52	unbound	85831:1	info: validate keys with anchor(DS): sec_status_secure
Jul 10 13:10:52	unbound	85831:0	info: query response was ANSWER
Jul 10 13:10:52	unbound	85831:0	info: reply from <.> 198.97.190.53#53
Jul 10 13:10:52	unbound	85831:0	info: response for . DNSKEY IN
Jul 10 13:10:52	unbound	85831:1	info: query response was ANSWER
Jul 10 13:10:52	unbound	85831:1	info: reply from <.> 2001:500:12::d0d#53
Jul 10 13:10:52	unbound	85831:1	info: response for . DNSKEY IN
Jul 10 13:10:51	unbound	85831:1	info: query response was nodata ANSWER
Jul 10 13:10:51	unbound	85831:1	info: reply from <netgate.com.> 2610:160:11:3::6#53
Jul 10 13:10:51	unbound	85831:1	info: response for ns1.netgate.com. AAAA IN
Jul 10 13:10:51	unbound	85831:0	info: prime trust anchor
Jul 10 13:10:51	unbound	85831:0	info: query response was ANSWER
Jul 10 13:10:51	unbound	85831:0	info: reply from <pfsense.org.> 162.208.119.38#53
Jul 10 13:10:51	unbound	85831:0	info: response for forum.pfsense.org. A IN
Jul 10 13:10:51	unbound	85831:1	info: query response was ANSWER
Jul 10 13:10:51	unbound	85831:1	info: reply from <netgate.com.> 192.207.126.6#53
Jul 10 13:10:51	unbound	85831:1	info: response for ns1.netgate.com. A IN
Jul 10 13:10:51	unbound	85831:1	info: prime trust anchor
Jul 10 13:10:51	unbound	85831:1	info: query response was ANSWER
Jul 10 13:10:51	unbound	85831:1	info: reply from <pfsense.org.> 162.208.119.38#53
Jul 10 13:10:51	unbound	85831:1	info: response for forum.pfsense.org. AAAA IN
Jul 10 13:10:51	unbound	85831:0	info: resolving . DNSKEY IN
Jul 10 13:10:51	unbound	85831:0	info: prime trust anchor
Jul 10 13:10:51	unbound	85831:0	info: query response was ANSWER
Jul 10 13:10:51	unbound	85831:0	info: reply from <pfsense.org.> 2610:1c1:3::108#53
Jul 10 13:10:51	unbound	85831:0	info: response for forum.pfsense.org. AAAA IN
Jul 10 13:10:51	unbound	85831:1	info: resolving . DNSKEY IN
Jul 10 13:10:51	unbound	85831:1	info: prime trust anchor
Jul 10 13:10:51	unbound	85831:1	info: query response was ANSWER
Jul 10 13:10:51	unbound	85831:1	info: reply from <pfsense.org.> 162.208.119.38#53
Jul 10 13:10:51	unbound	85831:1	info: response for forum.pfsense.org. A IN
Jul 10 13:10:51	unbound	85831:1	info: query response was nodata ANSWER
Jul 10 13:10:51	unbound	85831:1	info: reply from <netgate.com.> 192.207.126.6#53
Jul 10 13:10:51	unbound	85831:1	info: response for ns2.netgate.com. AAAA IN
Jul 10 13:10:51	unbound	85831:1	info: query response was REFERRAL
Jul 10 13:10:51	unbound	85831:1	info: reply from <com.> 2001:500:856e::30#53
Jul 10 13:10:51	unbound	85831:1	info: response for ns1.netgate.com. AAAA IN
Jul 10 13:10:51	unbound	85831:1	info: query response was REFERRAL
Jul 10 13:10:51	unbound	85831:1	info: reply from <com.> 192.55.83.30#53
Jul 10 13:10:51	unbound	85831:1	info: response for ns1.netgate.com. A IN
Jul 10 13:10:51	unbound	85831:0	info: query response was REFERRAL
Jul 10 13:10:51	unbound	85831:0	info: reply from <org.> 2001:500:c::1#53
Jul 10 13:10:51	unbound	85831:0	info: response for forum.pfsense.org. A IN
Jul 10 13:10:51	unbound	85831:1	info: query response was ANSWER
Jul 10 13:10:51	unbound	85831:1	info: reply from <netgate.com.> 2610:160:11:3::6#53
Jul 10 13:10:51	unbound	85831:1	info: response for ns2.netgate.com. A IN
Jul 10 13:10:51	unbound	85831:0	info: query response was REFERRAL
Jul 10 13:10:51	unbound	85831:0	info: reply from <org.> 199.249.112.1#53
Jul 10 13:10:51	unbound	85831:0	info: response for forum.pfsense.org. AAAA IN
Jul 10 13:10:51	unbound	85831:0	info: query response was REFERRAL
Jul 10 13:10:51	unbound	858</org.></netgate.com.></org.></com.></com.></netgate.com.></pfsense.org.></pfsense.org.></pfsense.org.></netgate.com.></pfsense.org.></netgate.com.></org.></com.></pfsense.org.></google.com.></google.com.></google.com.></com.></google.com.></google.com.></google.com.></netgate.com.></netgate.com.>
```</ipv6>

bimmerdriver

Another test. I rebooted, found nslookup not working, restarted unbound and nslookup was working. So it seems to be related to rebooting, not necessarily the snapshot.

johnpoz

Its possible your ipv6 is not coming up as fast as your ipv4? Your dhcp with tracking on your interfaces? Or maybe your ipv6 is changing on reboot?

I looked into my error - doh! Not my lan interface, my wan.. Which has no ipv6 on it so yeah makes sense why the error. Changed it to no bind to link-local on wan and no more log spam ;)

bimmerdriver

@johnpoz:

Its possible your ipv6 is not coming up as fast as your ipv4? Your dhcp with tracking on your interfaces? Or maybe your ipv6 is changing on reboot?

I looked into my error - doh! Not my lan interface, my wan.. Which has no ipv6 on it so yeah makes sense why the error. Changed it to no bind to link-local on wan and no more log spam ;)

It's definitely repeatable that the problem occurs after reboot and persists until unbound is restarted.

I cleared the logs and rebooted. unbound and dhcp6c appear to be starting up concurrently. Maybe this is the problem.

Here are log messages from unbound from after reboot to the first error:

Jul 11 09:51:18	unbound	16498:1	info: error sending query to auth server 2001:500:84::b port 53
Jul 11 09:51:18	unbound	16498:1	info: error sending query to auth server 2001:500:84::b port 53
Jul 11 09:51:18	unbound	16498:1	info: priming . IN NS
Jul 11 09:51:18	unbound	16498:1	info: resolving localdomain.localdomain. A IN
Jul 11 09:51:18	unbound	16498:0	info: priming . IN NS
Jul 11 09:51:18	unbound	16498:0	info: resolving localdomain.localdomain. AAAA IN
Jul 11 09:51:14	unbound	16498:0	info: start of service (unbound 1.6.3).
Jul 11 09:51:14	unbound	16498:0	notice: init module 1: iterator
Jul 11 09:51:14	unbound	16498:0	notice: init module 0: validator

Here are the first log messages from dhcp6c:

Jul 11 09:51:15	dhcp6c	9281	add an address 2001:569:74c0:da00:215:5dff:fe5c:e21e/64 on hn0
Jul 11 09:51:15	dhcp6c	9281	dhcp6c Received REQUEST
Jul 11 09:51:15	dhcp6c	9281	Sending Request
Jul 11 09:51:14	dhcp6c	9281	Sending Solicit
Jul 11 09:51:13	dhcp6c	9249	skip opening control port
Jul 11 09:51:13	dhcp6c	9249	failed initialize control message authentication
Jul 11 09:51:13	dhcp6c	9249	failed to open /usr/local/etc/dhcp6cctlkey: No such file or directory

Unbound ipv6 problems anyone?

– I don't know at this stage. Basically when time becomes available to rewrite that section of code.

– I don't know at this stage. Basically when time becomes available to rewrite that section of code.

–
I don't know at this stage. Basically when time becomes available to rewrite that section of code.

–
I don't know at this stage. Basically when time becomes available to rewrite that section of code.