23.7 Legacy Series / Unbound DNS Query Forwarding not working as expected
« on: August 31, 2023, 09:23:24 pm »
I've got Unbound DNS set up with queries going out with DNS over TLS. Those all work fine. I've now got a VPN connection enabled on OPNSense and I'm trying to forward queries for that domain over that connection to the DNS server on that end.
I have Query Forwarding set up as in the attachment.
When I do a normal query for a host on that domain, I get the following:
root@OPNsense:~ # host -vv HOST_NAME.DOMAIN_NAME
Trying "HOST_NAME.DOMAIN_NAME"
;; connection timed out; no servers could be reached
When I tell the query to use the upstream DNS server explicitly it works
root@OPNsense:~ # host -vv HOST_NAME.DOMAIN_NAME 10.30.50.50
Trying "HOST_NAME.DOMAIN_NAME"
Using domain server:
Name: 10.30.50.50
Address: 10.30.50.50#53
Aliases:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38670
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;HOST_NAME.DOMAIN_NAME. IN A
;; ANSWER SECTION:
HOST_NAME.DOMAIN_NAME. 1200 IN A 10.30.50.119
Received 61 bytes from 10.30.50.50#53 in 32 ms
Trying "HOST_NAME.DOMAIN_NAME"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26674
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;HOST_NAME.DOMAIN_NAME. IN AAAA
;; AUTHORITY SECTION:
DOMAIN_NAME. 3600 IN SOA DNS_SERVER.DOMAIN_NAME. hostmaster.DOMAIN_NAME. 13379 900 600 86400 3600
Received 102 bytes from 10.30.50.50#53 in 30 ms
Trying "HOST_NAME.DOMAIN_NAME"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 530
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;HOST_NAME.DOMAIN_NAME. IN MX
;; AUTHORITY SECTION:
DOMAIN_NAME. 3600 IN SOA DNS_SERVER.DOMAIN_NAME. hostmaster.DOMAIN_NAME. 13379 900 600 86400 3600
Received 102 bytes from 10.30.50.50#53 in 30 ms
Anyone have any idea why this is happening?
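As an added diagnostic (not part of the original post), the following script repeats the two checks from the post without relying on the stub resolver: it sends the same A query over plain UDP/53 to the local Unbound listener and directly to the upstream server, and reports a timeout, the rcode and any A records. It assumes Unbound answers on 127.0.0.1 and that the upstream is the 10.30.50.50 host from the post; the name is left as the placeholder used above.

```python
import socket
import struct

QID = 0x1234  # fixed transaction id so a reply can be matched to our query


def build_query(name: str, qid: int = QID) -> bytes:
    """Build a standard recursive A/IN query (RD flag set) for name."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode() for l in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)


def _skip_name(data: bytes, pos: int) -> int:
    """Advance past a (possibly compressed) name; return the next offset."""
    while True:
        length = data[pos]
        if length == 0:
            return pos + 1
        if length & 0xC0 == 0xC0:  # compression pointer, 2 bytes total
            return pos + 2
        pos += 1 + length


def parse_response(data: bytes) -> dict:
    """Return header counts, rcode and the A records of the answer section."""
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", data[:12])
    pos = 12
    for _ in range(qd):  # skip the echoed question(s)
        pos = _skip_name(data, pos) + 4
    addrs = []
    for _ in range(an):
        pos = _skip_name(data, pos)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", data[pos:pos + 10])
        pos += 10
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(data[pos:pos + 4]))
        pos += rdlen
    return {"id": qid, "rcode": flags & 0x0F, "answers": an, "authority": ns, "a": addrs}


def probe(name: str, server: str, timeout: float = 3.0):
    """Query server on UDP/53; None means 'no servers could be reached'."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        try:
            data, _ = s.recvfrom(4096)
        except socket.timeout:
            return None
    result = parse_response(data)
    return result if result["id"] == QID else None


if __name__ == "__main__":
    for srv in ("127.0.0.1", "10.30.50.50"):  # local Unbound, then the VPN-side upstream
        print(srv, probe("HOST_NAME.DOMAIN_NAME", srv))
```

If the direct probe answers but the local one times out, the forward itself is the problem (Unbound's outgoing path to 10.30.50.50, or a TLS expectation on a port 53 forwarder), not the upstream zone.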