Hi all
I'm having issues with forwarding DNS queries from unbound to
DNSCrypt-Proxy, I'm getting the below error message: Quoteunbound: [61849:0] info: error sending query to auth server 127.0.0.1 port 5300
[/size]. This isn't happening with every query, only some and resulting in an error in chrome on the client computer.
I've setup Unbound & DNSCrypt-Proxy on Opnsense OPNsense 20.1.8_1.
This is as i want to make use of DNS-over-HTTPS [DoH], preferably over IPv6. I'm running unbound for local ip address resolution.
The main thing that i believed that handled the forwarding was the custom options in unbound:
Quote
do-not-query-localhost: no
forward-zone:
name: "."
forward-addr: 127.0.0.1@5300
I'm running DNSCrypt-Proxy 1.8 & Unbound_plus 1.1_1
Thanks for any and all help.
When you use unbound-plus, the values from custom will alreday be set without the forwarder (which can't work)
I don't really understand what you mean, sorry?
any additional advice from anyone to fix this?
Ok, lets retry from start:
You have IPv6 enabled WAN? DNScrypt Proxy is known to have problems with v6 enabled servers, so it could be a first try to only use IPv4 servers in DNSCrypt.
If this also doesn't work, try to clear Unbound-Plus configuration and remove the plugin.
One of them should stop your issue and we know where to work on further ...
ok, great. Yes, correct i have IPv6 WAN, i've tried disabling v6 enabled servers in DNSCrypt, to no avail.
I also realized i misspoke, i don't actually have the the unbound-plus addon installed. I did reinstall the unbound package and double check for updates to opnsense and the unbound package (1.10.1), again no change.
Thanks for the help
Unfortunately i've still made no more progress in resolving this issue with several more hours of attempting to fix it, anyone able to help?
Can you disable DNSSEC in Unbound and also DNSSEC Server usage in DNSCrypt?
thanks for the suggestion, i just tried that with the same results unfortunately.