I have a internet connection with Fritzbox 7591 and own external IP for my IPfire with Core-Update-Level: 144.
If my internet connection (this time including link!) was down, unbound doesn’t work anymore. Sometimes it comes back after 10 Minutes and more.
If this happens I get a reverse lookup failure for the used DNS Server (at the moment 8.8.8.8) and message “Status: broken” at the IPfire “Domain Name System” page.
Ping and nslookup to an external DNS server like 8.8.8.8 work.
To solve this problem I need to reload the unbound service
I didn’t change anything manually at the DNS configuration till now.
Is there anything I can configure to avoid this problem? Is there anyway to exchange unbound?
the FritzBox product line seems to mess with DNS queries to the root zone.
To ensure this is not the root cause of your problem, could you switch to DNS
over TLS instead and report back?
Well, unbound replaced dnsmasq quite a while ago. At the moment, I am unaware
of any satisfying replacement for it.
I don’t use my Fritzbox as DNS Server. Like I wrote it’s 8.8.8.8 at the moment.
I will try DNS over TLS. But this will not change the originally point.
I realised you do not use FritzBox as your resolver. However, even when they are
not queried directly, they for example drop UDP DNS queries to the root-zone.
But they don’t drop UDP requests to Google DNS.
If I use nslookup to 8.8.8.8 or I restart unbound (with 8.8.8.8 as forwarder) it works. The problem is unbound, not the Fritzbox at this point.
