Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Sporadic DNS issues, cryptic error in logs.

    Scheduled Pinned Locked Moved
    DHCP and DNS
    3
    6
    223
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      zaitz
      last edited by zaitz

      Hello!

      I have started getting DNS_PROBE_FINISHED_NXDOMAIN errors randomly. When i first klick on a link from time to time I will get a DNS timeout, but on the second klick everything works as expected. Same behavior on different machines, all have DNS pointed to pfsense.

      When i look at DNS resolver logs i have the same error every second just rolling and rolling. When I restart DNS Resolver the error disappears for some amount of time and the reappears.

      The error is:
      unbound 83772 [83772:3] error: in comm_point_tcp_handle_read buffer_remaining is not > 0 as expected, continuing with (harmless) 0 length recv

      Any idea what this could be? I have Suricata installed, with monitoring but not blocking. Also OpenVPN, not much else.

      Any help appreciated.

      T S 2 Replies Last reply Reply Quote 1
      • T
        The Party of Hell No @zaitz
        last edited by

        @zaitz
        https://forum.netgate.com/topic/188303/unbound-crashing-randomly-after-24-03-upgrade

        Not specifically your problem, however in other posts this was suggested as a way to stop this error.

        Most probable cause : uncheck this one:

        450dde45-a7ce-4563-961d-54960123c9a8-image.png

        1 Reply Last reply Reply Quote 0
        • S
          SteveITS Rebel Alliance @zaitz
          last edited by

          @zaitz Here's a thread with that message, no solution yet though:
          https://forum.netgate.com/topic/187510/dns_probe_finished_nxdomain-sporadically-for-anywhere-from-30secs-to-10min-works-flawlessly-at-all-other-times

          If you have Resolver set to forward, uncheck DNSSEC.

          Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
          When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
          Upvote 👍 helpful posts!

          1 Reply Last reply Reply Quote 1
          • Z
            zaitz
            last edited by

            Unluckily these are not it, as I don't have eather "DNSSEC" nor "Register DHCP" activated.

            T 1 Reply Last reply Reply Quote 0
            • T
              The Party of Hell No @zaitz
              last edited by

              @zaitz
              DNS_PROBE_FINISHED_NXDOMAIN - search the database, yours is not the first error like this.

              Maybe also, if you have a pre-update config file... might restore it and reboot - make a current config file before proceeding to get back to current if it does not rid the error code.

              T 1 Reply Last reply Reply Quote 0
              • T
                The Party of Hell No @The Party of Hell No
                last edited by

                @The-Party-of-Hell-No
                Another post:

                https://forum.netgate.com/topic/187510/dns_probe_finished_nxdomain-sporadically-for-anywhere-from-30secs-to-10min-works-flawlessly-at-all-other-times/31

                1 Reply Last reply Reply Quote 1
                • S SteveITS referenced this topic on
                • First post
                  Last post