Unbound forwarding to kresd
Unbound fails to resolve with SERVFAIL if it forward to kresd. This can be easily simulated by connecting Turris 1.x behind Turris Omnia.
This is output from kresd from omnia when I try to resolve google.com from turris 1.x:
2017-06-02T06:56:12+02:00 info kresd[30645]: [ 0][plan] plan 'google.com.' type 'DS'
2017-06-02T06:56:12+02:00 info kresd[30645]: [26573][iter] 'google.com.' type 'DS' id was assigned, parent id 0
2017-06-02T06:56:12+02:00 info kresd[30645]: [26573][resl] => querying: '172.20.20.53' score: 11 zone cut: '.' m12n: 'GOOgLE.COm.' type: 'DS' proto: 'udp'
2017-06-02T06:56:12+02:00 info kresd[30645]: [26573][ pc ] => answer cached for TTL=664
2017-06-02T06:56:12+02:00 info kresd[30645]: [26573][resl] <= server: '172.20.20.53' rtt: 0 ms
2017-06-02T06:56:12+02:00 info kresd[30645]: [ 0][resl] finished: 4, queries: 1, mempool: 32784 B
2017-06-02T06:56:12+02:00 info kresd[30645]: [ 0][plan] plan 'google.com.' type 'A'
2017-06-02T06:56:12+02:00 info kresd[30645]: [34758][iter] 'google.com.' type 'A' id was assigned, parent id 0
2017-06-02T06:56:12+02:00 info kresd[30645]: [34758][resl] => querying: '172.20.20.53' score: 11 zone cut: '.' m12n: 'gOOgle.Com.' type: 'A' proto: 'udp'
2017-06-02T06:56:12+02:00 info kresd[30645]: [34758][resl] <= server: '172.20.20.53' rtt: 0 ms
2017-06-02T06:56:12+02:00 info kresd[30645]: [ 0][resl] finished: 4, queries: 1, mempool: 32784 B
It seems to be normal to me. So as it seems Unbound does sends valid request to
kresd and it is processed, but then Unbound for some reason responds with
nslookup: can't resolve 'google.com': Name or service not known
. Unbound haven't
produced any debug output, so I have no idea what happened.