Unbound servfail

mRk · January 11, 2022, 8:09pm

Hi guys,

I installed pi-hole and unbound, but it seems I have a problem with unbound.
I'm on raspberry model B2.

My config files

sudo grep -v '#\|^$' -R /etc/unbound/unbound.conf*
/etc/unbound/unbound.conf:include-toplevel: "/etc/unbound/unbound.conf.d/*.conf"
/etc/unbound/unbound.conf.d/resolvconf_resolvers.conf:forward-zone:
/etc/unbound/unbound.conf.d/resolvconf_resolvers.conf:	name: "."
/etc/unbound/unbound.conf.d/resolvconf_resolvers.conf:	forward-addr: fd0f:ee:b0::1
/etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf:server:
/etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf:    auto-trust-anchor-file: "/var/lib/unbound/root.key"
/etc/unbound/unbound.conf.d/pi-hole.conf:server:
/etc/unbound/unbound.conf.d/pi-hole.conf:    logfile: "/var/log/unbound/unbound.log"
/etc/unbound/unbound.conf.d/pi-hole.conf:    verbosity: 3
/etc/unbound/unbound.conf.d/pi-hole.conf:    interface: 127.0.0.1
/etc/unbound/unbound.conf.d/pi-hole.conf:    port: 5335
/etc/unbound/unbound.conf.d/pi-hole.conf:    do-ip4: yes
/etc/unbound/unbound.conf.d/pi-hole.conf:    do-udp: yes
/etc/unbound/unbound.conf.d/pi-hole.conf:    do-tcp: yes
/etc/unbound/unbound.conf.d/pi-hole.conf:    do-ip6: no
/etc/unbound/unbound.conf.d/pi-hole.conf:    prefer-ip6: no
/etc/unbound/unbound.conf.d/pi-hole.conf:    root-hints: "/var/lib/unbound/root.hints"
/etc/unbound/unbound.conf.d/pi-hole.conf:    harden-glue: yes
/etc/unbound/unbound.conf.d/pi-hole.conf:    harden-dnssec-stripped: yes
/etc/unbound/unbound.conf.d/pi-hole.conf:    use-caps-for-id: no
/etc/unbound/unbound.conf.d/pi-hole.conf:    edns-buffer-size: 1232
/etc/unbound/unbound.conf.d/pi-hole.conf:    prefetch: yes
/etc/unbound/unbound.conf.d/pi-hole.conf:    num-threads: 1
/etc/unbound/unbound.conf.d/pi-hole.conf:    so-rcvbuf: 1m
/etc/unbound/unbound.conf.d/pi-hole.conf:    private-address: 192.168.0.0/16
/etc/unbound/unbound.conf.d/pi-hole.conf:    private-address: 169.254.0.0/16
/etc/unbound/unbound.conf.d/pi-hole.conf:    private-address: 172.16.0.0/12
/etc/unbound/unbound.conf.d/pi-hole.conf:    private-address: 10.0.0.0/8
/etc/unbound/unbound.conf.d/pi-hole.conf:    private-address: fd00::/8
/etc/unbound/unbound.conf.d/pi-hole.conf:    private-address: fe80::/10

dig pi-hole.net @127.0.0.1 -p 5335

dig pi-hole.net @127.0.0.1 -p 5335

; <<>> DiG 9.16.22-Raspbian <<>> pi-hole.net @127.0.0.1 -p 5335
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 55332
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;pi-hole.net.			IN	A

;; Query time: 0 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1)
;; WHEN: Tue Jan 11 21:03:12 CET 2022
;; MSG SIZE  rcvd: 40

Log after dig

cat /var/log/unbound/unbound.log
[1641931392] unbound[17135:0] debug: subnet[module 0] operate: extstate:module_state_initial event:module_event_new
[1641931392] unbound[17135:0] info: subnet operate: query pi-hole.net. A IN
[1641931392] unbound[17135:0] debug: validator[module 1] operate: extstate:module_state_initial event:module_event_pass
[1641931392] unbound[17135:0] info: validator operate: query pi-hole.net. A IN
[1641931392] unbound[17135:0] debug: iterator[module 2] operate: extstate:module_state_initial event:module_event_pass
[1641931392] unbound[17135:0] info: resolving pi-hole.net. A IN
[1641931392] unbound[17135:0] info: processQueryTargets: pi-hole.net. A IN
[1641931392] unbound[17135:0] debug: configured stub or forward servers failed -- returning SERVFAIL
[1641931392] unbound[17135:0] debug: return error response SERVFAIL
[1641931392] unbound[17135:0] debug: validator[module 1] operate: extstate:module_wait_module event:module_event_moddone
[1641931392] unbound[17135:0] info: validator operate: query pi-hole.net. A IN
[1641931392] unbound[17135:0] debug: subnet[module 0] operate: extstate:module_wait_module event:module_event_moddone
[1641931392] unbound[17135:0] info: subnet operate: query pi-hole.net. A IN
[1641931392] unbound[17135:0] debug: cache memory msg=33294 rrset=33040 infra=3920 val=33196 subnet=41372

Thank you for your help !

yubiuser · January 11, 2022, 8:10pm

Edit file /etc/resolvconf.conf and comment out the last line which should read:

unbound_conf=/etc/unbound/unbound.conf.d/resolvconf_resolvers.conf

Delete the unwanted unbound configuration file:

sudo rm /etc/unbound/unbound.conf.d/resolvconf_resolvers.conf

Restart unbound:

sudo service unbound restart

mRk · January 11, 2022, 8:58pm

 dig pi-hole.net @127.0.0.1 -p 5335

; <<>> DiG 9.16.22-Raspbian <<>> pi-hole.net @127.0.0.1 -p 5335
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49815
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;pi-hole.net.			IN	A

;; ANSWER SECTION:
pi-hole.net.		300	IN	A	3.18.136.52

;; Query time: 399 msec
;; SERVER: 127.0.0.1#5335(127.0.0.1)
;; WHEN: Tue Jan 11 21:55:56 CET 2022
;; MSG SIZE  rcvd: 56

Seems it's working \o/

Thank you !

system · February 1, 2022, 8:59pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.