Thanks. Restarting unbound didn’t help.
So I setup tcp dump to watch the green interface on the ipfire system with this: tcpdump -s0 -n -vvv -S -i green0 port 53
A request for ipfire.org, immediate response.
11:35:51.144001 IP (tos 0x0, ttl 64, id 13336, offset 0, flags [none], proto UDP (17), length 79)
192.168.1.20.48896 > 192.168.1.1.53: [udp sum ok] 32064+ [1au] A? ipfire.org. ar: . OPT UDPsize=4096 (51)
11:35:51.144555 IP (tos 0x0, ttl 64, id 24114, offset 0, flags [none], proto UDP (17), length 83)
192.168.1.1.53 > 192.168.1.20.48896: [udp sum ok] 32064$ q: A? ipfire.org. 1/0/1 ipfire.org. [7m59s] A 81.3.27.38 ar: . OPT UDPsize=1232 (55)
A request for about.work has three attempts, then fail out.
11:35:51.152076 IP (tos 0x0, ttl 64, id 13338, offset 0, flags [none], proto UDP (17), length 79)
192.168.1.20.60669 > 192.168.1.1.53: [udp sum ok] 56469+ [1au] A? about.work. ar: . OPT UDPsize=4096 (51)
11:35:56.152021 IP (tos 0x0, ttl 64, id 14282, offset 0, flags [none], proto UDP (17), length 79)
192.168.1.20.60669 > 192.168.1.1.53: [udp sum ok] 56469+ [1au] A? about.work. ar: . OPT UDPsize=4096 (51)
11:36:01.152177 IP (tos 0x0, ttl 64, id 14953, offset 0, flags [none], proto UDP (17), length 79)
192.168.1.20.60669 > 192.168.1.1.53: [udp sum ok] 56469+ [1au] A? about.work. ar: . OPT UDPsize=4096 (51)
