SERVFAIL response when "Enable Forwarding Mode" is checked



  • Hey All -

    So I am using 2.2.5 and use OpenDNS for content filtering purposes.

    Under System -> General Setup I have the OpenDNS IPs listed
    Under Services -> DNS Resolver I have it enabled, also have Enable Forwarding Mode checked
    DHCP hands out the OpenDNS IP as my DNS server (192.168.0.254 in this case)

    Running an nslookup I get this response:

    nslookup

    cnn.com
    Server: 192.168.0.254
    Address: 192.168.0.254#53

    ** server can't find cnn.com.home.mydomain.com: SERVFAIL

    It looks like it's appending my own internal domain to the tail end of whatever is being queried.  Naturally, all connected devices are having DNS resolution issues.

    If I uncheck Enable Forwarding Mode - all is well:

    nslookup

    cnn.com
    Server: 192.168.0.254
    Address: 192.168.0.254#53

    Non-authoritative answer:
    Name: cnn.com
    Address: 157.166.226.25
    Name: cnn.com
    Address: 157.166.226.26

    Is this a bug or some other configuration issue?

    Thanks


  • Banned

    Stop forwarding to OpenDNS with DNSSEC enabled. OpenDNS does NOT support DNSSEC.


  • LAYER 8 Global Moderator

    Agreed, if you're going to use forwarder mode and want DNSSEC, where you're sending has to support it.

    As to your query, yeah, depending on your OS and setup, it's going to append your machine's domain suffix to your queries. If you don't want that to happen, then end your query with .

    cnn.com.
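
Added example, not part of the thread: a small model of the suffix behaviour described in the last reply, assuming the client follows the resolv.conf(5) "search" and "ndots" rules. The function names and the two stand-in upstreams are constructed for illustration; the search domain and addresses are the ones quoted in the thread.

```python
# Model of stub-resolver search-list expansion (resolv.conf(5) rules assumed).

def candidate_names(name, search, ndots=1):
    """Return the fully qualified names a stub resolver tries, in order."""
    if name.endswith("."):
        # A trailing dot marks the name as fully qualified: no suffix is added.
        return [name]
    absolute = name + "."
    suffixed = [f"{name}.{domain.rstrip('.')}." for domain in search]
    if name.count(".") >= ndots:
        # Enough dots: the name as typed goes first, search list is the fallback.
        return [absolute] + suffixed
    # Too few dots: search list first, the bare name last.
    return suffixed + [absolute]


def resolve(name, search, lookup, ndots=1):
    """Walk the candidates. Returns (answer or None, [(fqdn, rcode), ...])."""
    tried = []
    for fqdn in candidate_names(name, search, ndots):
        try:
            return lookup(fqdn), tried + [(fqdn, "NOERROR")]
        except LookupError as exc:
            tried.append((fqdn, str(exc)))
    return None, tried


def broken_upstream(fqdn):
    # Constructed stand-in for the forwarding-mode case: every query fails.
    raise LookupError("SERVFAIL")


def working_upstream(fqdn):
    # Constructed stand-in for the working case, using the thread's answers.
    zone = {"cnn.com.": ["157.166.226.25", "157.166.226.26"]}
    if fqdn not in zone:
        raise LookupError("NXDOMAIN")
    return zone[fqdn]


SEARCH = ["home.mydomain.com"]  # search domain seen in the thread's error

if __name__ == "__main__":
    for upstream in (broken_upstream, working_upstream):
        answer, tried = resolve("cnn.com", SEARCH, upstream)
        print(upstream.__name__, answer, tried)
```

With the failing upstream the last name tried is the suffixed one, which is why it is the name shown in the SERVFAIL line; the plain name had already failed before the suffix was appended.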

