On Fri, Dec 6, 2013 at 1:38 PM, Patrik Lundin <[email protected]> wrote: > Just out of curiosity: If you are running unbound on the firewall, why > are you querying the troublesome resolver directly? Do you get the same > result when querying the local unbound?
Same results from Unbound. That's why I started "digging". > Are you running dig from the firewall or a client behind the firewall? Have done both. Same results with NLNet's drill utility as well. > How about tcpdumping the traffic on all affected interfaces and comparing > the results between the working location and a non-working one in order > to see if anything funky is happening on the wire? I did that also. I see nothing funky. One packet sent, one returned.
