11.11.2022 16:54, George (Yorgos) Thessalonikefs wrote:
Now I spot that this is auth-zone.
Yes it is auth-zone. It is set up this way because it is a remote office with somewhat flaky connectivity and I thought about always having whole thing locally instead of relying for the upstream during all the runtime.
Which version of Unbound is that?
It is 1.16.3 currently. I thought about giving 1.17 a try, - upgraded to 1.17.0, with exactly the same effect. (It is Debian package of Unbound, - I'm trying to keep it current in Debian).
I would first try with stub-zone instead and point to the NSD instance you mentioned.
The stub-zone works, it worked for many years (with not a best reliability, see above). I just tested it again - switching from auth-zone to stub-zone with the same stub-address works just fine. It is only the auth-zone which dosn't work - I removed the temporary TXT record and it started failing again. Thanks! /mjt
