Pi-hole + unbound - second install SERVFAIL

uglytuna · April 10, 2023, 7:16pm

I have installed pi-hole + unbound following pihole guide 3 times now on both Rapberry pi and VM and all worked without a hitch.
I am now trying to install a second pi+unbound on the same subnet as a previous install and was getting SERFAIL when testing.

Have tried setting up on the subnet as both VM and hardware systems without success

My /etc/unbound/unbound.conf.d/pi-hole.conf is exactly the same on both instances
I do have the /var/lib/unbound/root.hints file in both systems

I have logging set to level 2 (I think) and here is sampling of output
(not working)
[1681151195] unbound[3226:0] info: service stopped (unbound 1.13.1).
[1681151195] unbound[3251:0] info: start of service (unbound 1.13.1).
(working)
[1681151971] unbound[3403:0] info: 127.0.0.1 pi-hole.net. A IN
[1681152144] unbound[3403:0] info: 127.0.0.1 fail01.dnssec.works. A IN
[1681152158] unbound[3403:0] info: 127.0.0.1 dnssec.works. A IN

I was finally able to get second system to work by adding

forward-zone:
    name: "."
    forward-addr: 8.8.8.8

to unbound.conf file

I am just a hobbyist and not sure where the problem lies. My guess is there is a conflict in the second instance connecting with authoritative DNS servers, but I have no idea how I go about resolving.

I apologize ahead for not including any required information and will provide whatever is needed

TIA

Bucking_Horn · April 12, 2023, 9:09am

Please share the command and output producing that SERVFAIL.

And please upload a debug log and post just the token URL that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:

pihole -d

or do it through the Web interface:

Tools > Generate Debug Log

uglytuna · April 12, 2023, 2:01pm

debug log
https://tricorder.pi-hole.net/PieOXCCQ/

uglytuna · April 12, 2023, 2:14pm

woudln't let me add as a reply
kept getting "An error occurred: Sorry, new users can't mention other users." So uploaded as file

debug log
https://tricorder.pi-hole.net/PieOXCCQ/
------
command and output

dig pi-hole.net @127.0.0.1 -p 5335

; <<>> DiG 9.16.37-Debian <<>> pi-hole.net @127.0.0.1 -p 5335
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 21724
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;pi-hole.net.                   IN      A

;; Query time: 120 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1)
;; WHEN: Wed Apr 12 08:57:00 EDT 2023
;; MSG SIZE  rcvd: 40

system · May 3, 2023, 2:15pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.