Unbound DNS SERVFAIL issue

[cinergi]

Hello,

I'm using Unbound on 24.7.12 with a mostly default configuration, and am seeing periodic and intermittent SERVFAILs fairly often in the log.  Here's a typical example from today's log:

Code Select Expand

2025-01-18T12:53:16-05:00 Error unbound [93701:2] error: SERVFAIL <v20.events.data.microsoft.com. A IN>: misc failure
2025-01-18T12:53:16-05:00 Error unbound [93701:1] error: SERVFAIL <v20.events.data.microsoft.com. A IN>: exceeded the maximum nameserver nxdomains
2025-01-18T12:49:19-05:00 Error unbound [93701:3] error: SERVFAIL <mobile.events.data.microsoft.com. A IN>: exceeded the maximum nameserver nxdomains
2025-01-18T12:49:18-05:00 Error unbound [93701:0] error: SERVFAIL <mobile.events.data.microsoft.com. A IN>: exceeded the maximum nameserver nxdomains
2025-01-18T12:49:18-05:00 Error unbound [93701:1] error: SERVFAIL <mobile.events.data.microsoft.com. A IN>: misc failure
2025-01-18T12:48:07-05:00 Error unbound [93701:0] error: SERVFAIL <download.windowsupdate.com. AAAA IN>: exceeded the maximum nameserver nxdomains
2025-01-18T12:48:07-05:00 Error unbound [93701:2] error: SERVFAIL <download.windowsupdate.com. AAAA IN>: misc failure
2025-01-18T12:36:38-05:00 Error unbound [93701:2] error: SERVFAIL <mobile.events.data.microsoft.com. A IN>: exceeded the maximum nameserver nxdomains
2025-01-18T12:34:27-05:00 Error unbound [93701:1] error: SERVFAIL <login.live.com. AAAA IN>: misc failure
2025-01-18T12:34:27-05:00 Error unbound [93701:0] error: SERVFAIL <login.live.com. AAAA IN>: misc failure
2025-01-18T12:33:39-05:00 Error unbound [93701:3] error: SERVFAIL <msedge.b.tlu.dl.delivery.mp.microsoft.com. A IN>: misc failure
2025-01-18T12:33:39-05:00 Error unbound [93701:2] error: SERVFAIL <msedge.b.tlu.dl.delivery.mp.microsoft.com. A IN>: misc failure
2025-01-18T12:33:03-05:00 Error unbound [93701:1] error: SERVFAIL <8-courier.push.apple.com. AAAA IN>: misc failure
2025-01-18T12:33:00-05:00 Error unbound [93701:2] error: SERVFAIL <displaycatalog.mp.microsoft.com. A IN>: exceeded the maximum nameserver nxdomains
2025-01-18T12:33:00-05:00 Error unbound [93701:1] error: SERVFAIL <fs.microsoft.com. A IN>: misc failure
2025-01-18T12:33:00-05:00 Error unbound [93701:1] error: SERVFAIL <fs.microsoft.com. AAAA IN>: misc failure
2025-01-18T12:33:00-05:00 Error unbound [93701:3] error: SERVFAIL <fs.microsoft.com. AAAA IN>: misc failure
2025-01-18T12:18:31-05:00 Error unbound [93701:2] error: SERVFAIL <nrdp-ipv6.prod.ftl.netflix.com. A IN>: exceeded the maximum nameserver nxdomains
2025-01-18T12:18:31-05:00 Error unbound [93701:0] error: SERVFAIL <nrdp-ipv6.prod.ftl.netflix.com. A IN>: exceeded the maximum nameserver nxdomains

Any ideas on how to resolve this?  The same domains resolve fine seconds or minutes later.  There doesn't seem to be a pattern of which domains fail; the reason why there are a lot of Microsoft domains above is simply because someone in my household booted a Windows PC and it reached out to Microsoft for updates, etc.  It also happens on other domains like Netflix, Amazon, etc. (you can see Netflix in the list for example).

Thank you!

[pfry]

Doesn't look like a connectivity issue - the errors appear to be DNS-specific. Shot in the dark: An unhappy, rate-limited proxy? You may be able to tell simply through nslookup, e.g.:

Code Select Expand

C:\Users\User>nslookup
Default Server:  mars2.redsword.com
Address:  47.190.83.191

> mobile.events.data.microsoft.com
Server:  mars2.redsword.com
Address:  47.190.83.191

Non-authoritative answer:
Name:    onedscolprdweu15.westeurope.cloudapp.azure.com
Address:  13.69.116.108
Aliases:  mobile.events.data.microsoft.com
          mobile.events.data.trafficmanager.net

> exit
The server is as I expect - see if yours is. A reasonably friendly proxy will reveal its identity.

[meyergru]

Maybe you turned on "Strict QNAME Minimisation" in Unbound? This breaks things.