From nobody Thu Apr 13 20:27:36 2023
X-Original-To: bugs@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PyB2x0F9tz44Yn1
	for <bugs@mlmmj.nyi.freebsd.org>; Thu, 13 Apr 2023 20:27:37 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4PyB2w4hS5z3q0s
	for <bugs@FreeBSD.org>; Thu, 13 Apr 2023 20:27:36 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1681417656;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=+HSQ8GPJanSbkH2L1rU2cBHN8OjbF8Dqc2Bru2ZBteY=;
	b=dgUpEF16OpkM1Fa4DpWrKdafuk3iJbovFKNVWBGm0wZ1iX8PmX89CSLaN1XpcojM+kQUWV
	zYVs4fiMrXZHS4ECKllrpPytedRWcdD8DHyi6M35OaRqmdygdve5Sz6SeLBTg8cue/MS21
	ovIOAqXRU5hViWAU6O/AofMdd14z7tLLyfpOC24cqFLAWGNG9sDHl9xqqcaE0rcK/9uSnw
	Ti6rZZgitxD1g4NnpbaG7rOGQyxwjsqpul6PfWlDJuYge3czCtQ48vhZg7skzJH2Srf4HZ
	Tv/2rBNQywQrPNMOQ+dLyqFh0NjSlpLjunBXWJFtRNKefrVkNTocJroGdYupOQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1681417656; a=rsa-sha256; cv=none;
	b=J7lPaM9RMWuouzYWrO9LeiQU7Yj+L6AowXY+e3NGK1XCDhVbDLkKxU1NCOii+0qJ/neNRa
	h0/Q03TzXXDPbG+gV7SOPZ7LJ3m+efLJe73Q5sBVh+nK3tIOWstN+GF22yqlXl5iq1mE9j
	ypHz8fnGDGTs4S4RcaeXgx8PXDngFWoBcktzM2uDlTNZz32S7DCVmyVP5ERcYFIDKli2va
	47diVt3/Er9hG3+eSkugiEOZRjAQPsb45GsEzx2vm0R+8CpXgiKkozRierR9PYZComWBHe
	yJiFFCikdbsYm6mhFeToRK6hy2PUinZDYGtFJYtP4pmfT0Zy0of63xN/5PLtgA==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PyB2w3psjzwZJ
	for <bugs@FreeBSD.org>; Thu, 13 Apr 2023 20:27:36 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
	by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 33DKRaJL058474
	for <bugs@FreeBSD.org>; Thu, 13 Apr 2023 20:27:36 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
	by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 33DKRaRx058473
	for bugs@FreeBSD.org; Thu, 13 Apr 2023 20:27:36 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 270824] [local_unbound] exceeded the maximum number of sends
Date: Thu, 13 Apr 2023 20:27:36 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: bin
X-Bugzilla-Version: CURRENT
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: saper@saper.info
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: bugs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform
 op_sys bug_status bug_severity priority component assigned_to reporter
Message-ID: <bug-270824-227@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-bugs
List-Help: <mailto:freebsd-bugs+help@freebsd.org>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Subscribe: <mailto:freebsd-bugs+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-bugs+unsubscribe@freebsd.org>
Sender: owner-freebsd-bugs@freebsd.org
MIME-Version: 1.0
X-ThisMailContainsUnwantedMimeParts: N

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D270824

            Bug ID: 270824
           Summary: [local_unbound] exceeded the maximum number of sends
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: saper@saper.info

This is running 14.0-CURRENT as of ea6d1692666 but I am pretty sure I've se=
en
this before.

For a long time, this road warrior/laptop install has been plagued with
unstable DNS resolution. It is almost never possible to quickly change netw=
orks
(from one WLAN to another one or to USB tethering) and not lose ability to
resolve DNS.

Even when working on one network for a longer time, I get DNS resolution er=
rors
in Firefox regularly.  Switching to 8.8.8.8 or something given via DHCP usu=
ally
rectifies the issue. I am pretty sure my tethering DNS server is not hijack=
ing
the requests.

I use "nameserver ::1" in my /etc/resolv.conf

Today, when things are really bad, I have enabled some more debug

# more /etc/unbound/conf.d/logging.conf=20
server:
    log-local-actions: no
    log-queries: yes
    log-replies: yes
    log-servfail: yes
    logfile: /log/unbound.log
    val-log-level: 2=20


[1681416195] local-unbound[48019:0] error: SERVFAIL <push.services.mozilla.=
com.
A IN>: exceeded the maximum number of sends

there are also AAAA queries

[1681416195] local-unbound[48019:0] error: SERVFAIL <push.services.mozilla.=
com.
AAAA IN>: exceeded the maximum number of sends

I've tried to follow if this is related to
https://github.com/NLnetLabs/unbound/issues/422 but I am not sure.

Additional config changes (trying to turn off DNSSEC validation) but they do
not seem to help (commenting out "auto-trust-anchor-file" and adding
"module:config: "iterator"")

$ more /etc/unbound/unbound.conf
# This file was generated by local-unbound-setup.
# Modifications will be overwritten.
server:
        username: unbound
        directory: /var/unbound
        chroot: /var/unbound
        pidfile: /var/run/local_unbound.pid
        # auto-trust-anchor-file: /var/unbound/root.key
        module-config: "iterator"

# include: /var/unbound/forward.conf
include: /var/unbound/lan-zones.conf
include: /var/unbound/control.conf
include: /var/unbound/conf.d/*.conf

$ more /var/unbound/lan-zones.conf=20
# This file was generated by local-unbound-setup.
# Modifications will be overwritten.
server:
        # Unblock reverse lookups for LAN addresses
        unblock-lan-zones: yes
        insecure-lan-zones: yes


Another log sample:

[1681415385] local-unbound[48019:0] error: SERVFAIL <bugs.freebsd.org. A IN=
>:
exceeded the maximum number of sends
[1681415385] local-unbound[48019:0] info: ::1 bugs.freebsd.org. A IN SERVFA=
IL
4.015634 0 45
[1681415385] local-unbound[48019:0] info: ::1 bugs.freebsd.org. A IN SERVFA=
IL
4.015634 0 45
[1681415385] local-unbound[48019:0] info: ::1 bugs.freebsd.org. A IN SERVFA=
IL
9.017518 0 45
[1681415385] local-unbound[48019:0] info: ::1 bugs.freebsd.org. A IN SERVFA=
IL
9.018429 0 45
[1681415385] local-unbound[48019:0] info: ::1 bugs.freebsd.org. AAAA IN
[1681415385] local-unbound[48019:0] info: ::1 bugs.freebsd.org. AAAA IN


DNSSEC is nice to have, but I really want to have a stable local resolver. =
How
to achieve this?

If I suffer from some packet loss on a weak 802.11 connections - is there a=
ny
way to make unbound more patient?

--=20
You are receiving this mail because:
You are the assignee for the bug.=