Unbound: error sending query to auth server [issues with Unbound -> DNSCrypt]

Started by a_dub, July 20, 2020, 04:14:03 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
July 20, 2020, 04:14:03 AM
Hi all
I'm having issues with forwarding DNS queries from unbound to DNSCrypt-Proxy, I'm getting the below error message: 
Quoteunbound: [61849:0] info: error sending query to auth server 127.0.0.1 port 5300
[/size].
This isn't happening with every query, only some and resulting in an error in chrome on the client computer.

I've setup Unbound & DNSCrypt-Proxy on Opnsense OPNsense 20.1.8_1. This is as i want to make use of DNS-over-HTTPS [DoH], preferably over IPv6. I'm running unbound for local ip address resolution.

The main thing that i believed that handled the forwarding was the custom options in unbound:

Quote
do-not-query-localhost: no
forward-zone:
name: "."
forward-addr: 127.0.0.1@5300
I'm running DNSCrypt-Proxy 1.8 & Unbound_plus 1.1_1


Thanks for any and all help.
July 20, 2020, 06:58:39 AM #1
When you use unbound-plus, the values from custom will alreday be set without the forwarder (which can't work)
July 21, 2020, 05:03:53 AM #2
I don't really understand what you mean, sorry?
July 24, 2020, 03:23:28 AM #3
any additional advice from anyone to fix this?
July 24, 2020, 07:19:18 AM #4
Ok, lets retry from start:

You have IPv6 enabled WAN? DNScrypt Proxy is known to have problems with v6 enabled servers, so it could be a first try to only use IPv4 servers in DNSCrypt.

If this also doesn't work, try to clear Unbound-Plus configuration and remove the plugin.

One of them should stop your issue and we know where to work on further ...
July 24, 2020, 09:34:42 AM #5
ok, great. Yes, correct i have IPv6 WAN, i've tried disabling v6 enabled servers in DNSCrypt, to no avail. 
I also realized i misspoke, i don't actually have the the unbound-plus addon installed. I did reinstall the unbound package and double check for updates to opnsense and the unbound package (1.10.1), again no change.

Thanks for the help
July 29, 2020, 11:06:23 AM #6
Unfortunately i've still made no more progress in resolving this issue with several more hours of attempting to fix it, anyone able to help?
July 29, 2020, 12:50:19 PM #7
Can you disable DNSSEC in Unbound and also DNSSEC Server usage in DNSCrypt?
July 29, 2020, 03:08:27 PM #8
thanks for the suggestion, i just tried that with the same results unfortunately.
Print
Go Up Pages1
User actions