Somehow DNS fell over on my MIAB, and I am struggling to sort out how to troubleshoot.
As a temporary band-aid, I had to update /etc/resolv.conf to 1.1.1.1 just to get things limping along again, but that isn’t a perfect solution - I need to figure out what is going on.
I am not sure what the exact healthy state should look like, but the piece that seems central to the issue - I can no longer do any nslookup commands against 127.0.0.1. I can “nslookup - lanip” , “nslookup - wanip” just fine from the box itself and other devices. Note I can only look up domains I have zones for - google.com etc won’t resolve (somehow I thought in the past the box was able to forward these requests on and resolve).
The local firewall doesn’t appear to be blocking any traffic.
I am aware more information will be needed to provide insights, let me know what logs I can dig up / services I need to check.
systemd-resolved.service shows as running
bind9 shows lots of errors similar to the following:
/var/log/mail.log shows excessive messages being diverted to spam due to:
opendkim[131615]: 1969FD20D29: key retrieval failed (s=pic, d=intakeq.com): ‘pic._domainkey.intakeq.com’ unexpected reply class/type (-1/-1)
It looks like opendkim is likely trying to use 127.0.0.1 as a resolver and failing to do so, so likely all part of the same issue.
I do not use IPv6
Thanks in advance for any insights you can provide.