New OPNsense setup (22.1.6), I have Unbound as my DNS server, with forwards directed to Adguard Home, works great, but looking at performance.
I see the same query in Adguard's log many times in a row, separated by a few seconds.
In Unbound I set the "Minimum TTL for RRsets and messages" to 86400, and the TTL for host cache to 15 minutes (the max), and even set "Serve expired responses" to true.
Unbound Message cache size is 512MB (the max) and number of hosts to cache 50,000 (the max).
Yet I'll see in Adguard something like the below (see screenshot). I see these repeats both for blocked and processed queries, both A and AAAA.
The Unbound statistics says it has (since last start) 78,072 cache hits to 5,794 misses, so it SOUNDS like it is caching, but... how can it be caching and making repeated calls for the same fqdn?
What kind of setting might I have incorrect that is causing Unbound to keep querying Adguard when it should have it in the cache?
Any ideas?
As another example I did the below. You can see that the entry is in the cache, but the nslookup resulted in a hit to Adguard (not shown, but it showed up in the Adguard query list).
To me Unbound should not have asked Adguard anything. Or am I misunderstanding?
root@OPNsense:~ # unbound-control -c /var/unbound/unbound.conf dump_cache | grep malwareb
telemetry.malwarebytes.com. 26856 IN AAAA ::
msg telemetry.malwarebytes.com. IN AAAA 33152 1 26856 0 1 0 0
telemetry.malwarebytes.com. IN AAAA 0
root@OPNsense:~ # nslookup telemetry.malwarebytes.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
Name: telemetry.malwarebytes.com
Address: ::
root@OPNsense:~ # unbound-control -c /var/unbound/unbound.conf dump_cache | grep malwareb
telemetry.malwarebytes.com. 26822 IN AAAA ::
msg telemetry.malwarebytes.com. IN AAAA 33152 1 26822 0 1 0 0
telemetry.malwarebytes.com. IN AAAA 0
msg telemetry.malwarebytes.com. IN A 33152 1 1 0 0 0 0
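
An added example, not part of the original post: a small Python script that reads `dump_cache` output and lists each message-cache entry per query type with its remaining TTL, so entries that are about to expire stand out. The field order of the `msg` lines (flags, qdcount, ttl, security, an, ns, ar) is an assumption about Unbound's dump format, and the sample input is the second listing from the post.

```python
import sys

# Constructed sample: the second dump_cache listing quoted in the post above.
SAMPLE = """\
telemetry.malwarebytes.com. 26822 IN AAAA ::
msg telemetry.malwarebytes.com. IN AAAA 33152 1 26822 0 1 0 0
telemetry.malwarebytes.com. IN AAAA 0
msg telemetry.malwarebytes.com. IN A 33152 1 1 0 0 0 0
"""


def parse_msg_entries(text):
    """Return one dict per 'msg' line of unbound-control dump_cache output.

    Assumed field order after name/class/type:
    flags, qdcount, ttl, security, an, ns, ar.
    """
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 11 or fields[0] != "msg":
            continue  # RRset lines and msg reference lines are skipped
        try:
            flags, _qd, ttl, _sec, an, _ns, _ar = (int(v) for v in fields[4:11])
        except ValueError:
            continue  # truncated or garbled line
        entries.append({
            "name": fields[1],
            "qtype": fields[3],
            "ttl": ttl,
            "answers": an,
            "rcode": flags & 0x000F,  # low 4 bits of the DNS header flags
        })
    return entries


def short_lived(text, threshold=60):
    """Message-cache entries whose remaining TTL is below threshold seconds."""
    return [e for e in parse_msg_entries(text) if e["ttl"] < threshold]


if __name__ == "__main__":
    # Use piped dump_cache output when present, otherwise the sample above.
    data = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for e in parse_msg_entries(data):
        mark = "SHORT" if e["ttl"] < 60 else "ok"
        print(f'{mark:5} {e["name"]} {e["qtype"]:5} ttl={e["ttl"]} '
              f'answers={e["answers"]} rcode={e["rcode"]}')
```

Piping the output of the `unbound-control -c /var/unbound/unbound.conf dump_cache` command from the post into the script on stdin runs the same check over the whole cache. On the sample, the AAAA entry is listed with 26822 seconds left and the A entry with a TTL of 1 and 0 answer records.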