Thank you - I'll file these commands away for future reference. Previously, I tried recreating the problem a few times, but after waiting 15 minutes (per your previous advice) after the WAN recovery, DNS has worked. I've not tried leaving my internet connection down for much more than about 10 minutes, though.
-----Original Message----- From: W.C.A. Wijngaards [mailto:[email protected]] Sent: Friday, February 10, 2012 9:34 AM To: Paul Taylor Cc: [email protected] Subject: Re: [Unbound-users] Unbound stops answering after ADSL-line bounce -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Paul, On 02/10/2012 02:28 PM, Paul Taylor wrote: > On the original topic of this thread, I have another incident to report. > After experiencing some strangeness with my NAS (where unbound was > running previously), I moved Unbound to an installation of pfSense > running on an old net4801. I believe pfSense is still on version 1.4.14 > of Unbound. I configured it pretty much identically to my NAS > installation of Unbound. By that, I mean that I have numerous > forwarders added for various CDNs, with a "." forwarder pointing to > OpenDNS. DNSSEC validation is disabled. About two weeks had passed > with no further problems, until this morning. > > Just before I was about to leave home for work (just after 7 AM), my > daughter told me that the internet was down. I checked my router and > saw that the internet connection went down last night for a little over > an hour.. It recovered about 3:15 AM. So, it had been up and > operational for almost 4 hours by the time I started looking at the > issue. A quick nslookup showed SERVFAIL replies. Since I had to leave > for work, I didn't have time to do much in the way of troubleshooting. > I recycled the service via pfSense's Services page (I think it just > kills and restarts the service), and DNS was resolving properly again. It should not be down for that long; 15 minutes really. > Unfortunately, since it's on an embedded box, I didn't have logging > enabled, and I don't know what commands, if any, I could run that let > you see the "state" Unbound is stuck in when this happens. unbound-control verbosity 4 ; then nslookup and capture the logs (which are then plentiful). unbound-control dump_infra > tofile.txt that shows the state of the infrastructure cache. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.15 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJPNSrdAAoJEJ9vHC1+BF+NG60P/jbXRoJasVwLkFrLJ5exvRji TwAWZOm09AeuGHf2puMOmCaBbngoCs2J1ijLj9t312QjF7Qu3vYfDuTbUJ39yMrc f4z8ZFLEXQ3EVH347d7wxnKwvuH1wrl0J313A04jyMP+VWj2WXFk25un6PbY2xKJ bEiSWRlkUh4GvuNxHtp7tDUOMpZlXwgT+F8YUGqlXUgyCEF1l7zU4qzz0G2H6IBP sy9Nt980u36wM7naAV/JScgCZ8S+Sqrf0yUpINbA2x2V1pXCxy132WSttfxD61as r0Y+Rj/1Gph29X91QJZXmBB29+60BC1+hg5gvBrrHqGRRBSI5+EFVUtIEyI8bhCe ogMZbjGHW9SOAbAdGzp/p9kUihgEDqQP1lJ6a3j1XhijOTMXlaqkG+1IRjXoh7uM SlRpVWqlnTwecnqSyYAmNE8d4lsLF24OGeIQkkeEBWkopyPLvUnjKCkhl+xnbpxS OQZ8XaAbHLYovFqNxMbxsuBwTubSg/lVoADZ+0UEC4oTyfWuIenWEsDqWD5kPMtK oEJ5icfRd2Gqwv0JA5Kn1iB14+ZUygnyKcglxIu8ug+sy2kWH3FlfIbeg+KubSjY UIlUroGUOwDAWT0vaoL3ohvBhgzgDpbG6qiQvyURGIYe+uiJy4TzxPlrUJ6EQopb HR7IOik9DFrSK3PNYLo2 =rwsX -----END PGP SIGNATURE----- _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
