It looks like unbound is still having issues.
Unknown how to fix permanently.
TCP is being used, status is WORKING, for the time being.
TLS goes to BROKEN status.
When you look in the log for unbound, this stuff is filling the log.
08:39:58 unbound: [1773:0] error: SERVFAIL <www.google.com. A IN>: all the configured stub or forward serv ers failed, at zone .
08:39:58 unbound: [1773:0] error: SERVFAIL <googleads.g.doubleclick.net. A IN>: all the configured stub or forward servers failed, at zone .
08:39:58 unbound: [1773:0] error: SERVFAIL <r5---sn-qxoedn7k.googlevideo.com. A IN>: all the configured st ub or forward servers failed, at zone .
08:39:58 unbound: [1773:0] error: SERVFAIL <r5---sn-qxo7rn7e.googlevideo.com. A IN>: all the configured st ub or forward servers failed, at zone .
08:39:58 unbound: [1773:0] error: SERVFAIL <play.google.com. A IN>: all the configured stub or forward ser vers failed, at zone .
08:39:57 unbound: [1773:0] error: SERVFAIL <www.youtube.com. A IN>: all the configured stub or forward ser vers failed, at zone .
08:39:46 unbound: [1773:0] error: SERVFAIL <r4---sn-qxo7rn7l.googlevideo.com. A IN>: all the configured st ub or forward servers failed, at zone .
08:39:46 unbound: [1773:0] error: SERVFAIL <i.ytimg.com. A IN>: all the configured stub or forward servers failed, at zone .
08:39:46 unbound: [1773:0] error: SERVFAIL <yt3.ggpht.com. A IN>: all the configured stub or forward serve rs failed, at zone .
08:39:38 unbound: [1773:0] error: SERVFAIL <youtubei.googleapis.com. A IN>: all the configured stub or for ward servers failed, at zone .
08:39:38 unbound: [1773:0] error: SERVFAIL <mqtt-mini.facebook.com. A IN>: all the configured stub or forw ard servers failed, at zone .
08:39:38 unbound: [1773:0] error: SERVFAIL <ssl.gstatic.com. A IN>: all the configured stub or forward ser vers failed, at zone .
08:39:31 unbound: [1773:0] error: SERVFAIL <s.yimg.com. A IN>: all the configured stub or forward servers failed, at zone .
08:39:20 unbound: [1773:0] error: SERVFAIL <m.dlx.addthis.com. A IN>: all the configured stub or forward s ervers failed, at zone .
08:39:20 unbound: [1773:0] error: SERVFAIL <tps11041.doubleverify.com. A IN>: all the configured stub or f orward servers failed, at zone .
Older Newer
Then later in morning I found this also
| 09:57:33 | unbound: [1773:0] | info: generate keytag query _ta-4a5c-4f66. NULL IN |
|---|---|---|
| 09:57:33 | unbound: [1773:0] | info: start of service (unbound 1.11.0). |
| 09:57:33 | unbound: [1773:0] | notice: init module 1: iterator |
| 09:57:33 | unbound: [1773:0] | notice: init module 0: validator |
| 09:57:33 | unbound: [1773:0] | notice: Restart of unbound 1.11.0. |
| 09:57:33 | unbound: [1773:0] | info: 0.000000 0.000001 60 |
| 09:57:33 | unbound: [1773:0] | info: lower(secs) upper(secs) recursions |
| 09:57:33 | unbound: [1773:0] | info: [25%]=2.5e-07 median[50%]=5e-07 [75%]=7.5e-07 |
| 09:57:33 | unbound: [1773:0] | info: histogram of recursion processing times |
| 09:57:33 | unbound: [1773:0] | info: average recursion processing time 0.000000 sec |
| 09:57:33 | unbound: [1773:0] | info: server stats for thread 0: requestlist max 0 avg 0 exceeded 0 jostled 0 |
| 09:57:33 | unbound: [1773:0] | info: server stats for thread 0: 299 queries, 239 answers from cache, 60 recurs ions, 0 prefetch, 0 rejected by ip ratelimiting |
| 09:57:33 | unbound: [1773:0] | info: service stopped (unbound 1.11.0). |
| 09:57:32 | unbound: [1773:0] | error: SERVFAIL <safebrowsing.googleapis.com. A IN>: all the configured stub or forward servers failed, at zone . |
This is a re occurring problem for me. This has been happening for multiple updates. Other than sites not connecting, DNS status broken or error, logs with the above SERVFAIL, what other indications are there to check?
What is the solution, so these errors can stop and IPFIRE as a whole just works?
Everybody seems to be hitting and missing on procedures to follow for detection and resolution.
I can live with the reboots, but …
Right now it is failing the wife test.