Unbound ignores do-udp in 22.03.4

Because of a weird issue with my ISP blocking recursive DNS queries, I had added " option do-udp 'no' " to /etc/config/unbound and this option would be carried over to the autogenerated config, thus forcing unbound to run recursive tcp queries and work fine.

Problem #1:
Today I upgraded from 22.03.3 to 22.03.4 and discovered that the resolver is again broken, because the autogenerated config no longer has "do-udp: no", even if it is still valid according to the docs.

Problem #2:
Adding the keyword "do-udp: no" to /etc/unbound/unbound_srv.conf disables the server altogether, instead of a timeout (because of the provider issue) I get a "connection refused".

Going back to 22.03.3 to re-check... used "auc -B 22.03.3" and went back to (mostly) the same situation but it did not help.

Did you set tcp-upstream: yes before?

2 Likes

Thanks for mentioning that, I did not use it.

After going back to the previous version and config, except for a few unrelated packages which are newer, the problem is still there; since the odds of the ISP changing something right when I did my changes are astronomical, I must suspect that the previous config worked precariously even if I try to test at least a few reboots.

Anyway, with /etc/unbound/unbound_srv.conf having these two lines I get "connection refused" :frowning:

do-udp: no
tcp-upstream: yes

Fun fact: using only this one alone works, this is seriously weird:

tcp-upstream: yes

There seems to be still some instability, the keyword did help but I suppose I will have to move to DoH or similar, to be free from ISP interference. Regarding the "do-udp" option being ignored in 22.03.4 when placed in /etc/config/unbound but working fine in .3, I have to conclude that I was mistaken.

Upgraded again, from 22.03.3 to .5 and it is working fine.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.