2024-03-04T21:23:04-05:00 Error unbound [66128:3] error: SERVFAIL <link.ablink.hardrockgames.com. AAAA IN>: exceeded the maximum number of sends2024-03-04T21:23:04-05:00 Error unbound [66128:0] error: SERVFAIL <link.ablink.hardrockgames.com. A IN>: exceeded the maximum number of sends2024-03-04T21:23:04-05:00 Error unbound [66128:1] error: SERVFAIL <link.ablink.hardrockgames.com. AAAA IN>: exceeded the maximum number of sends2024-03-04T21:23:04-05:00 Error unbound [66128:2] error: SERVFAIL <link.ablink.hardrockgames.com. A IN>: exceeded the maximum number of sends2024-03-04T21:22:54-05:00 Error unbound [66128:1] error: SERVFAIL <catalog.gamepass.com. A IN>: exceeded the maximum number of sends2024-03-04T21:22:47-05:00 Error unbound [66128:3] error: SERVFAIL <push.prod.netflix.com. A IN>: exceeded the maximum number of sends2024-03-04T21:22:44-05:00 Error unbound [66128:3] error: SERVFAIL <mn04-lobby-gate.mattel163.com. HTTPS IN>: exceeded the maximum number of sends2024-03-04T21:22:44-05:00 Error unbound [66128:0] error: SERVFAIL <mn04-lobby-gate.mattel163.com. A IN>: exceeded the maximum number of sends2024-03-04T21:22:43-05:00 Error unbound [66128:3] error: SERVFAIL <tc-log.mattel163.com. A IN>: exceeded the maximum number of sends
2024-03-05T12:45:51-05:00 Error unbound [6767:1] error: udp connect failed: No route to host for 2001:502:7094::30 port 53 (len 28)
I don't know if plays a part but check: System > Settings > General > Networking | " Prefer to use IPv4 even if IPv6 is available "maybe ?
Is IPv6 disabled on your WAN?What do you have for your DNS settings on System: Settings: General?Do you have any entries under Services: Unbound DNS: Query Forwarding or Services: Unbound DNS: DNS over TLS?As a side note, enabling IPv6 just for unbound can be handy as resolvers return both v4 and v6 records. It's the only v6 traffic I currently have on my network.
Quote from: CJ on March 07, 2024, 01:11:11 pmIs IPv6 disabled on your WAN?What do you have for your DNS settings on System: Settings: General?Do you have any entries under Services: Unbound DNS: Query Forwarding or Services: Unbound DNS: DNS over TLS?As a side note, enabling IPv6 just for unbound can be handy as resolvers return both v4 and v6 records. It's the only v6 traffic I currently have on my network.Yes IPv6 is completely disabled on all interfaces.Under system > settings > general > DNS servers I have 1.1.1.1 and 8.8.8.8.Nothing under Unbound DNS > Query Forwarding or DNS over TLS
What do you have under DNS server options on the General page?
Quote from: CJ on March 08, 2024, 03:51:45 pmWhat do you have under DNS server options on the General page?Under system > settings > general > DNS servers I have 1.1.1.1 and 8.8.8.8.
Hi,I have had the same problems since a few updates ago.I'm on OPNsense 24.1.3_1-amd64IPv6 Is disabled overall, I'm using 8.8.8.8 or 1.1.1.1 as default DNS on opnsense, with no override on LANs.In unbound I don't have DNSSEC and I don't have query forwarding ON.Every now and then I get SERVFAIL for exceeded maximum requests, I have up to 8000 contemporary requests at specific times of the day.With dnsqmasq I have no problems
Quote from: vrtigo1 on March 12, 2024, 02:27:10 amQuote from: CJ on March 08, 2024, 03:51:45 pmWhat do you have under DNS server options on the General page?Under system > settings > general > DNS servers I have 1.1.1.1 and 8.8.8.8.Not DNS servers. DNS server options. The section below where the DNS servers are entered.
Quote from: CJ on March 13, 2024, 01:09:19 pmQuote from: vrtigo1 on March 12, 2024, 02:27:10 amQuote from: CJ on March 08, 2024, 03:51:45 pmWhat do you have under DNS server options on the General page?Under system > settings > general > DNS servers I have 1.1.1.1 and 8.8.8.8.Not DNS servers. DNS server options. The section below where the DNS servers are entered.Nothing checked there.