Need help and techniques to debug DNS failure on Facebook and Instagram using Pihole with Unbound

deHakkelaar · May 27, 2021, 1:33pm

I created a little bash script to analyse those debug logs and generate a list of dig queries that unbound performs.
Next time we can compare outcome for those queries between a good and bad setup.
I know its not perfect but does the job:

pi@ph5b:~ $ nano unbound_check.sh
#!/bin/bash
while read LINE; do
   if [[ "$LINE" =~ "sending query" ]]; then
      QUERY=$(sed 's/^.*sending query: //' <<< $LINE )
   fi
   if [[ "$LINE" =~ "sending to target" ]]; then
      TARGET=$(sed 's/^.*sending to target.*> //; s/#.*$//' <<< $LINE )
   fi
   if [[ "$QUERY" != "" ]] && [[ "$TARGET" != "" ]]; then
      echo "dig +norecurse @$TARGET $QUERY"
      QUERY=""
      TARGET=""
   fi
done < $1

pi@ph5b:~ $ chmod +x unbound_check.sh
pi@ph5b:~ $

Below my good logs:

pi@ph5b:~ $ ./unbound_check.sh unbound.good.log | column -t
dig  +norecurse  @192.203.230.10   .                                   NS      IN
dig  +norecurse  @199.9.14.201     com.                                A       IN
dig  +norecurse  @192.54.112.30    instagram.com.                      A       IN
dig  +norecurse  @205.251.193.128  www.instagram.com.                  A       IN
dig  +norecurse  @192.112.36.4     org.                                A       IN
dig  +norecurse  @192.36.148.17    uk.                                 A       IN
dig  +norecurse  @202.12.27.33     net.                                A       IN
dig  +norecurse  @199.19.53.1      awsdns-40.org.                      A       IN
dig  +norecurse  @192.35.51.30     facebook.com.                       A       IN
dig  +norecurse  @192.54.112.30    awsdns-44.net.                      A       IN
dig  +norecurse  @205.251.196.43   ns-1349.awsdns-40.org.              A       IN
dig  +norecurse  @129.134.31.12    c10r.facebook.com.                  A       IN
dig  +norecurse  @205.251.195.46   ns-868.awsdns-44.net.               A       IN
dig  +norecurse  @129.134.30.11    z-p42-instagram.c10r.facebook.com.  A       IN
dig  +norecurse  @43.230.48.1      co.uk.                              A       IN
dig  +norecurse  @156.154.102.3    awsdns-60.co.uk.                    A       IN
dig  +norecurse  @192.36.148.17    .                                   DNSKEY  IN
dig  +norecurse  @192.33.4.12      _ta-4f66.                           A       IN
dig  +norecurse  @192.52.178.30    com.                                DNSKEY  IN
dig  +norecurse  @205.251.198.1    ns-2016.awsdns-60.co.uk.            A       IN

Below the bad logs:

pi@ph5b:~ $ ./unbound_check.sh unbound.bad.log | column -t
dig  +norecurse  @192.5.5.241      .                                   NS  IN
dig  +norecurse  @198.97.190.53    com.                                A   IN
dig  +norecurse  @192.31.80.30     instagram.com.                      A   IN
dig  +norecurse  @205.251.193.128  www.instagram.com.                  A   IN
dig  +norecurse  @192.5.5.241      org.                                A   IN
dig  +norecurse  @192.5.5.241      uk.                                 A   IN
dig  +norecurse  @192.112.36.4     net.                                A   IN
dig  +norecurse  @192.43.172.30    facebook.com.                       A   IN
dig  +norecurse  @199.19.56.1      awsdns-40.org.                      A   IN
dig  +norecurse  @192.12.94.30     awsdns-44.net.                      A   IN
dig  +norecurse  @185.89.218.12    c10r.facebook.com.                  A   IN
dig  +norecurse  @205.251.199.172  ns-868.awsdns-44.net.               A   IN
dig  +norecurse  @205.251.194.234  ns-1349.awsdns-40.org.              A   IN
dig  +norecurse  @156.154.103.3    co.uk.                              A   IN
dig  +norecurse  @156.154.103.3    awsdns-60.co.uk.                    A   IN
dig  +norecurse  @205.251.198.1    ns-2016.awsdns-60.co.uk.            A   IN
dig  +norecurse  @129.134.30.12    c10r.facebook.com.                  A   IN
dig  +norecurse  @129.134.30.12    c10r.facebook.com.                  A   IN
dig  +norecurse  @185.89.218.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @129.134.31.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @129.134.31.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @185.89.219.12    c10r.facebook.com.                  A   IN
dig  +norecurse  @185.89.219.12    c10r.facebook.com.                  A   IN
dig  +norecurse  @185.89.219.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @185.89.218.12    c10r.facebook.com.                  A   IN
dig  +norecurse  @185.89.218.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @185.89.219.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @185.89.219.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @129.134.31.12    c10r.facebook.com.                  A   IN
dig  +norecurse  @129.134.31.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @129.134.31.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @129.134.30.12    c10r.facebook.com.                  A   IN
dig  +norecurse  @129.134.30.12    c10r.facebook.com.                  A   IN
dig  +norecurse  @185.89.219.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @129.134.30.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @185.89.219.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @185.89.218.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @185.89.218.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @185.89.218.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @185.89.219.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @185.89.218.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @185.89.218.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @185.89.218.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @129.134.30.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @129.134.30.12    z-p42-instagram.c10r.facebook.com.  A   IN
dig  +norecurse  @129.134.30.12    z-p42-instagram.c10r.facebook.com.  A   IN

EDIT: added good/bad