Maintained by: NLnet Labs

[Unbound-users] SOLVED: unbound fail to resolve a PTR

A. Schulze
Fri Jun 27 12:05:51 CEST 2014

A. Schulze:

> W.C.A. Wijngaards:
>> Here is the same patch for 1.4.22.


today I finaly can confirm that the solution you provide as patch work well.

we identified 2 unrelated faces of our general issue "reverse lookup  
fail for some ip-addresses"

Face #1:
   reverse lookup fail for some ip addresses /if use-caps-for-id is active/

   the external nameserver is broken. It answer only for lowercase queries
   $ dig PTR +short

   $ dig PTR +short
   ;; connection timed out; no servers could be reached

   Workaround: disable use-caps-for-id in unbound <= 1.4.22

   The Fix you sent me offlist let unbound retry the queries
   in complete lowercase if there are no answer so far. That work.
   Was wonderful to see in as tcpdump :-)

Face #2:

   reverse lookup fail for some ip addresses /regardless unbound is  
involved or not/

   $ dig PTR +norecurse
   ;; Question section mismatch: got

   But only on udp transport. On TCP transport that gets the right answer.
   $ dig PTR +norecurse  
+tcp +short

   Cisco ASA Firewall in the way

   disable DNS content inspection on Cisco device :-)

It's time for a relaxed weekend now...