OPNsense Forum
Archive => 20.1 Legacy Series => Topic started by: a_dub on July 20, 2020, 04:14:03 am
-
Hi all
I'm having issues with forwarding DNS queries from unbound to DNSCrypt-Proxy. I'm getting the error message below:
unbound: [61849:0] info: error sending query to auth server 127.0.0.1 port 5300
This isn't happening with every query, only some, and it results in an error in Chrome on the client computer.
I've set up Unbound & DNSCrypt-Proxy on OPNsense 20.1.8_1. This is because I want to make use of DNS-over-HTTPS [DoH], preferably over IPv6. I'm running unbound for local IP address resolution.
The main thing that I believed handled the forwarding was the custom options in unbound:
do-not-query-localhost: no
forward-zone:
    name: "."
    forward-addr: 127.0.0.1@5300
I'm running DNSCrypt-Proxy 1.8 & Unbound_plus 1.1_1
Thanks for any and all help.
-
When you use unbound-plus, the values from custom will already be set without the forwarder (which can't work).
-
I don't really understand what you mean, sorry?
-
Any additional advice from anyone to fix this?
-
Ok, let's retry from start:
You have IPv6 enabled WAN? DNSCrypt Proxy is known to have problems with v6 enabled servers, so it could be a first try to only use IPv4 servers in DNSCrypt.
If this also doesn't work, try to clear Unbound-Plus configuration and remove the plugin.
One of them should stop your issue and we know where to work on further ...
-
Ok, great. Yes, correct, I have IPv6 WAN. I've tried disabling v6 enabled servers in DNSCrypt, to no avail.
I also realized I misspoke; I don't actually have the unbound-plus addon installed. I did reinstall the unbound package and double-check for updates to OPNsense and the unbound package (1.10.1), again no change.
Thanks for the help.
-
Unfortunately I've still made no more progress in resolving this issue with several more hours of attempting to fix it. Anyone able to help?
-
Can you disable DNSSEC in Unbound and also DNSSEC Server usage in DNSCrypt?
-
Thanks for the suggestion, I just tried that with the same results unfortunately.