Domain overrides frequently returning NXDomain
We have an HA setup with an IPsec tunnel to the main site. We need to resolve a specific domain with the DNS servers running at the main site. For this we added a domain override pointing to one of the DNS servers there.
In our LAN this domain is resolvable, but after a few moments (sometimes a few seconds), the resolution returns an NXDomain error.
It seems unbound negatively cached the forward, because it works again after an
I wasn't able to spot anything in the resolver.log, and I fail to see how to troubleshoot the problem.
Any idea what could cause this issue?
Gertjan last edited by
Unbound is the resolver, running on pfSense.
That's the resolver being used, right?
The unbound / resolver was restarting when you get NXDomain?
Yes, it is unbound. The pfSense acts as a resolver for the LAN, and should forward requests from the domain override to the remote server.
I don't think unbound was restarting. The option that makes DHCP lease store client names in the resolver was disabled a long time ago.