Problem unbound + all-inkl.com - status: SERVFAIL

maki · 14. Januar 2025 um 14:11

Hallo,

ich habe mir einen eigenen DNS Server mit unbound als CT in Proxmox aufgesetzt. Leider schaffe ich es nicht, Anfragen zu all-inkl.com aufzulösen. Dass beinhaltet nicht nur all-inkl.com selbst, sondern auch alle meine Domains, welche dort liegen.

Also Status wird SERVFAIL ausgegeben.
Ich kann mir den Fehler nicht erklären. Über DNSforge lässt sich alles wunderbar auflösen. Daheim möchte ich aber selbst meine Listen in AdGuard verwalten

Gibt es einen Tipp, wie ich den Fehler beheben kann?

dig all-inkl.com @192.168.37.97 -p 5335

; <<>> DiG 9.10.6 <<>> all-inkl.com @192.168.37.97 -p 5335
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 47056
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;all-inkl.com.			IN	A

;; Query time: 406 msec
;; SERVER: 192.168.37.97#5335(192.168.37.97)
;; WHEN: Tue Jan 14 15:05:08 CET 2025
;; MSG SIZE  rcvd: 41

Andere Auflösungen funktionieren jedoch

dig adminforge.de @192.168.37.97 -p 5335

; <<>> DiG 9.10.6 <<>> adminforge.de @192.168.37.97 -p 5335
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53216
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;adminforge.de.			IN	A

;; ANSWER SECTION:
adminforge.de.		60	IN	A	176.9.8.206

;; Query time: 156 msec
;; SERVER: 192.168.37.97#5335(192.168.37.97)
;; WHEN: Tue Jan 14 15:07:52 CET 2025
;; MSG SIZE  rcvd: 58

Meine Konfiguration in unbound sieht wie folgt aus:

server:
    # Wenn keine Logdatei angegeben wird, wird syslog verwendet.
    logfile: "/var/log/unbound.log"
    verbosity: 0
    log-time-ascii: yes
    log-queries: no
 
    # Versions-Informationen von Unbound nicht anzeigen - Sicherheitsaspekt
    hide-identity: yes
    hide-version: yes
 
    interface: 192.168.37.97 #IP Adresse
    port: 5335
    do-ip4: yes
    do-udp: yes
    do-tcp: yes
 
    # May be set to yes if you have IPv6 connectivity
    do-ip6: yes
 
    # Verwende dies nur, wenn du die Liste der primären Root-Server heruntergeladen hast!
 
    root-hints: "/var/lib/unbound/root.hints"
    tls-cert-bundle: "/etc/ssl/certs/ca-certificates.crt"
 
    # You want to leave this to no unless you have *native* IPv6. With 6to4 and
    # Terredo tunnels your web browser should favor IPv4 for the same reasons
    prefer-ip6: no
 
    # Trust glue only if it is within the server's authority
    harden-glue: yes
 
    # Require DNSSEC data for trust-anchored zones, if such data is absent, the zone becomes BOGUS
    harden-dnssec-stripped: yes
 
    # Don't use Capitalization randomization as it known to cause DNSSEC issues sometimes
    # see https://discourse.pi-hole.net/t/unbound-stubby-or-dnscrypt-proxy/9378 for further details
    use-caps-for-id: no
 
    # Reduce EDNS reassembly buffer size.
    # IP fragmentation is unreliable on the Internet today, and can cause
    # transmission failures when large DNS messages are sent via UDP. Even
    # when fragmentation does work, it may not be secure; it is theoretically
    # possible to spoof parts of a fragmented DNS message, without easy
    # detection at the receiving end. Recently, there was an excellent study
    # >>> Defragmenting DNS - Determining the optimal maximum UDP response size for DNS <<<
    # by Axel Koolhaas, and Tjeerd Slokker (https://indico.dns-oarc.net/event/36/contributions/776/)
    # in collaboration with NLnet Labs explored DNS using real world data from the
    # the RIPE Atlas probes and the researchers suggested different values for
    # IPv4 and IPv6 and in different scenarios. They advise that servers should
    # be configured to limit DNS messages sent over UDP to a size that will not
    # trigger fragmentation on typical network links. DNS servers can switch
    # from UDP to TCP when a DNS response is too big to fit in this limited
    # buffer size. This value has also been suggested in DNS Flag Day 2020.
    edns-buffer-size: 1232
 
    # TTL-Grenzen fuer den Cache
 
    #Mindestens 10 Sekunden, laengsten 1 Minuten, der Rest macht Cache von Adguard
    cache-min-ttl: 10   
    cache-max-ttl: 60 
 
 
    # Perform prefetching of close to expired message cache entries
    # This only applies to domains that have been frequently queried
    prefetch: yes
    prefetch-key: yes
 
    # One thread should be sufficient, can be increased on beefy machines. In reality for most users running on small networks or on a single machine, it should be unnecessary to seek performance enhancement by increasing num-threads above 1.
    num-threads: 1
 
    # Ensure kernel buffer is large enough to not lose messages in traffic spikes
    so-rcvbuf: 4m
 
    # Anzahl der Slabs im RRset-Cache. Slabs reduzieren die Sperrkonflikte zwischen den
    # Threads. Muss auf eine Potenz von 2 in der Nähe von num-threads gesetzt werden.
 
    msg-cache-slabs: 2
    rrset-cache-slabs: 2
    infra-cache-slabs: 2
    key-cache-slabs: 2
 
    # Cache-Speicher rrset sollte doppelt so groß sein wie msg
 
    msg-cache-size: 50m
    rrset-cache-size: 100m
 
    # mehr ausgehende Verbindungen
    # hängt von der Anzahl der Kerne ab: 1024/Kerne - 50
    #Set the outgoing-range: to as large a value as possible, 
    #see the sections below on how to overcome the limit of 1024 in total. 
    #This services more clients at a time. 
    #With 1 core, try 950. With 2 cores, try 450. With 4 cores try 200.
 
    outgoing-range: 950
 
    # UDP mit Multithreading beschleunigen
 
    so-reuseport: yes
 
    # Ensure privacy of local IP ranges
    private-address: 192.168.0.0/16
    private-address: 169.254.0.0/16
    private-address: 172.16.0.0/12
    private-address: 10.0.0.0/8
    private-address: fd00::/8
    private-address: fe80::/10
 
    access-control: 192.168.0.0/16 allow
    module-config: "iterator"

dominion · 14. Januar 2025 um 15:14

prüfe mal bei welchem Nameserver er hängen bleibt mit „+trace“ beim „dig“.

maki · 14. Januar 2025 um 15:29

Viel sehe ich leider nicht

% dig +trace all-inkl.com  @192.168.37.97 -p 5335 

; <<>> DiG 9.10.6 <<>> +trace all-inkl.com @192.168.37.97 -p 5335
;; global options: +cmd
;; Received 28 bytes from 192.168.37.97#5335(192.168.37.97) in 42 ms

% dig +trace adminforge.de  @192.168.37.97 -p 5335

; <<>> DiG 9.10.6 <<>> +trace adminforge.de @192.168.37.97 -p 5335
;; global options: +cmd
;; Received 28 bytes from 192.168.37.97#5335(192.168.37.97) in 43 ms

dominion · 14. Januar 2025 um 15:30

seltsam, da müsste viel mehr kommen wie hier z.b.:

%  dig +trace all-inkl.com @dnsforge.de

; <<>> DiG 9.20.4 <<>> +trace all-inkl.com @dnsforge.de
;; global options: +cmd
.			53060	IN	NS	k.root-servers.net.
.			53060	IN	NS	j.root-servers.net.
.			53060	IN	NS	d.root-servers.net.
.			53060	IN	NS	l.root-servers.net.
.			53060	IN	NS	a.root-servers.net.
.			53060	IN	NS	i.root-servers.net.
.			53060	IN	NS	b.root-servers.net.
.			53060	IN	NS	f.root-servers.net.
.			53060	IN	NS	g.root-servers.net.
.			53060	IN	NS	e.root-servers.net.
.			53060	IN	NS	c.root-servers.net.
.			53060	IN	NS	m.root-servers.net.
.			53060	IN	NS	h.root-servers.net.
.			53060	IN	RRSIG	NS 8 0 518400 20250127050000 20250114040000 26470 . Pr8OOV3fYNW7zMEDKGCBKdXWJPgS0DE7Dj6sf9JtIaUQMOBNrwUZoL2Z X2yhXsiEyVWzhp0pCrQY/CVPNLnjM4mbxzojmRXEVIM4YchkcLSEzhx8 ywIbYrYfouUroR0YyNC34qRoEhHaw6XtTzXIz2s1qMazlHk7EIiJBFGC T26Nr6i69uxTDx7GQZB81KbGH6UezmjiSlaOHXCM2vfc4xqnvXwCydx7 OZoucBY+euPKZpqFSns5jsZH7tX+YPo9oXNj3kzL8956eaxlsP0ucFQI usQGKMquDXzLR2QEQU4zrZwQfuHoMQ+9tpqR6769mEEYf6Ly86Ef7nU+ GIQgsQ==
;; Received 525 bytes from 2a01:4f8:141:316d::117#53(dnsforge.de) in 19 ms

com.			172800	IN	NS	h.gtld-servers.net.
com.			172800	IN	NS	b.gtld-servers.net.
com.			172800	IN	NS	c.gtld-servers.net.
com.			172800	IN	NS	d.gtld-servers.net.
com.			172800	IN	NS	k.gtld-servers.net.
com.			172800	IN	NS	j.gtld-servers.net.
com.			172800	IN	NS	g.gtld-servers.net.
com.			172800	IN	NS	a.gtld-servers.net.
com.			172800	IN	NS	i.gtld-servers.net.
com.			172800	IN	NS	f.gtld-servers.net.
com.			172800	IN	NS	e.gtld-servers.net.
com.			172800	IN	NS	l.gtld-servers.net.
com.			172800	IN	NS	m.gtld-servers.net.
com.			86400	IN	DS	19718 13 2 8ACBB0CD28F41250A80A491389424D341522D946B0DA0C0291F2D3D7 71D7805A
com.			86400	IN	RRSIG	DS 8 1 86400 20250127050000 20250114040000 26470 . Agls4LbQJCVveOOgelgI2nxI6MLmbKCJzZ0CqfxbaB+YVTSY7RzOXPkA NLrg6MyrvgMzFIxc8Y9VeNWcAbO5f/4I+PM7tv2cu/KSDlR/fb3QzA3f EK6LeuCy8ObaRUJ/igmirsOngyk34W5QpEmKHu2iW3ICvD/9ykwDGrqR RvUchcgp4SbMSMiNCjk0goKj91aSv40av8cXcB+q5L/3F/XMszSlZVd3 nW2EnS55lP9IFMhl2Rj821GHrrmMcO+9UcXl3zBpgeaegGEvetXxZZrr Gd/mjZdvzCFBLOQGBcYZnBkBbsHAt3YWDdV2sPso+WkwDjd2S1IbIr8A RT6unw==
;; Received 1200 bytes from 2001:500:12::d0d#53(g.root-servers.net) in 16 ms

all-inkl.com.		172800	IN	NS	ns5.kasserver.com.
all-inkl.com.		172800	IN	NS	ns6.kasserver.com.
all-inkl.com.		172800	IN	NS	ns7.kasserver.com.
all-inkl.com.		172800	IN	NS	ns14.kas-dns-service.de.
all-inkl.com.		172800	IN	NS	ns1.kas-dns-service.de.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 900 IN NSEC3 1 1 0 - CK0Q3UDG8CEKKAE7RUKPGCT1DVSSH8LL NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 900 IN RRSIG NSEC3 13 2 900 20250119002630 20250111231630 29942 com. rHNCcFeS8Fk0oHmHeaoGvmZ7u/AxIbJ7mcPbGWAEs0av0apbFaE+CLve zZnLg/1eMfGqL4W5I0c6sEl0W4OKyg==
E8H0B9NEQNFUR999P4EB496178QR0S7S.com. 900 IN NSEC3 1 1 0 - E8H0G719D6O1F9R01B4HUO2AM99JEME8 NS DS RRSIG
E8H0B9NEQNFUR999P4EB496178QR0S7S.com. 900 IN RRSIG NSEC3 13 2 900 20250118022555 20250111011555 29942 com. zjZ44wA8OrhJmHGUGkB8Pclkt1/EN8C2vAcVaNYPRSQZ8N3ojrekPull VNHzcnBWp95UbTPZDVVujva9PiXmZw==
;; Received 565 bytes from 2001:503:39c1::30#53(i.gtld-servers.net) in 13 ms

all-inkl.com.		7200	IN	A	85.13.159.122
;; Received 57 bytes from 85.13.128.3#53(ns5.kasserver.com) in 23 ms

maki · 14. Januar 2025 um 15:35

Ich habe es noch mal auf dem Server probiert. Da ging es

# dig +trace all-inkl.com  @192.168.37.97 -p 5335

; <<>> DiG 9.18.28-1~deb12u2-Debian <<>> +trace all-inkl.com @192.168.37.97 -p 5335
;; global options: +cmd
.			60	IN	NS	f.root-servers.net.
.			60	IN	NS	d.root-servers.net.
.			60	IN	NS	e.root-servers.net.
.			60	IN	NS	j.root-servers.net.
.			60	IN	NS	m.root-servers.net.
.			60	IN	NS	l.root-servers.net.
.			60	IN	NS	k.root-servers.net.
.			60	IN	NS	a.root-servers.net.
.			60	IN	NS	g.root-servers.net.
.			60	IN	NS	i.root-servers.net.
.			60	IN	NS	h.root-servers.net.
.			60	IN	NS	b.root-servers.net.
.			60	IN	NS	c.root-servers.net.
.			60	IN	RRSIG	NS 8 0 518400 20250127050000 20250114040000 26470 . Pr8OOV3fYNW7zMEDKGCBKdXWJPgS0DE7Dj6sf9JtIaUQMOBNrwUZoL2Z X2yhXsiEyVWzhp0pCrQY/CVPNLnjM4mbxzojmRXEVIM4YchkcLSEzhx8 ywIbYrYfouUroR0YyNC34qRoEhHaw6XtTzXIz2s1qMazlHk7EIiJBFGC T26Nr6i69uxTDx7GQZB81KbGH6UezmjiSlaOHXCM2vfc4xqnvXwCydx7 OZoucBY+euPKZpqFSns5jsZH7tX+YPo9oXNj3kzL8956eaxlsP0ucFQI usQGKMquDXzLR2QEQU4zrZwQfuHoMQ+9tpqR6769mEEYf6Ly86Ef7nU+ GIQgsQ==
;; Received 1097 bytes from 192.168.37.97#5335(192.168.37.97) in 45 ms

;; UDP setup with 198.41.0.4#5335(198.41.0.4) for all-inkl.com failed: network unreachable.
;; no servers could be reached

;; UDP setup with 198.41.0.4#5335(198.41.0.4) for all-inkl.com failed: network unreachable.
;; no servers could be reached

;; UDP setup with 198.41.0.4#5335(198.41.0.4) for all-inkl.com failed: network unreachable.
;; UDP setup with 192.112.36.4#5335(192.112.36.4) for all-inkl.com failed: network unreachable.

mit dnsforge gibt es auch einen Fehler

# dig +trace all-inkl.com  @dnsforge.de

; <<>> DiG 9.18.28-1~deb12u2-Debian <<>> +trace all-inkl.com @dnsforge.de
;; global options: +cmd
.			77835	IN	NS	e.root-servers.net.
.			77835	IN	NS	c.root-servers.net.
.			77835	IN	NS	k.root-servers.net.
.			77835	IN	NS	g.root-servers.net.
.			77835	IN	NS	j.root-servers.net.
.			77835	IN	NS	d.root-servers.net.
.			77835	IN	NS	a.root-servers.net.
.			77835	IN	NS	l.root-servers.net.
.			77835	IN	NS	f.root-servers.net.
.			77835	IN	NS	i.root-servers.net.
.			77835	IN	NS	h.root-servers.net.
.			77835	IN	NS	b.root-servers.net.
.			77835	IN	NS	m.root-servers.net.
.			77835	IN	RRSIG	NS 8 0 518400 20250127050000 20250114040000 26470 . Pr8OOV3fYNW7zMEDKGCBKdXWJPgS0DE7Dj6sf9JtIaUQMOBNrwUZoL2Z X2yhXsiEyVWzhp0pCrQY/CVPNLnjM4mbxzojmRXEVIM4YchkcLSEzhx8 ywIbYrYfouUroR0YyNC34qRoEhHaw6XtTzXIz2s1qMazlHk7EIiJBFGC T26Nr6i69uxTDx7GQZB81KbGH6UezmjiSlaOHXCM2vfc4xqnvXwCydx7 OZoucBY+euPKZpqFSns5jsZH7tX+YPo9oXNj3kzL8956eaxlsP0ucFQI usQGKMquDXzLR2QEQU4zrZwQfuHoMQ+9tpqR6769mEEYf6Ly86Ef7nU+ GIQgsQ==
;; Received 525 bytes from 2a01:4f8:151:34aa::198#53(dnsforge.de) in 14 ms

com.			172800	IN	NS	a.gtld-servers.net.
com.			172800	IN	NS	b.gtld-servers.net.
com.			172800	IN	NS	c.gtld-servers.net.
com.			172800	IN	NS	d.gtld-servers.net.
com.			172800	IN	NS	e.gtld-servers.net.
com.			172800	IN	NS	f.gtld-servers.net.
com.			172800	IN	NS	g.gtld-servers.net.
com.			172800	IN	NS	h.gtld-servers.net.
com.			172800	IN	NS	i.gtld-servers.net.
com.			172800	IN	NS	j.gtld-servers.net.
com.			172800	IN	NS	k.gtld-servers.net.
com.			172800	IN	NS	l.gtld-servers.net.
com.			172800	IN	NS	m.gtld-servers.net.
com.			86400	IN	DS	19718 13 2 8ACBB0CD28F41250A80A491389424D341522D946B0DA0C0291F2D3D7 71D7805A
com.			86400	IN	RRSIG	DS 8 1 86400 20250127050000 20250114040000 26470 . Agls4LbQJCVveOOgelgI2nxI6MLmbKCJzZ0CqfxbaB+YVTSY7RzOXPkA NLrg6MyrvgMzFIxc8Y9VeNWcAbO5f/4I+PM7tv2cu/KSDlR/fb3QzA3f EK6LeuCy8ObaRUJ/igmirsOngyk34W5QpEmKHu2iW3ICvD/9ykwDGrqR RvUchcgp4SbMSMiNCjk0goKj91aSv40av8cXcB+q5L/3F/XMszSlZVd3 nW2EnS55lP9IFMhl2Rj821GHrrmMcO+9UcXl3zBpgeaegGEvetXxZZrr Gd/mjZdvzCFBLOQGBcYZnBkBbsHAt3YWDdV2sPso+WkwDjd2S1IbIr8A RT6unw==
;; Received 1172 bytes from 2001:500:1::53#53(h.root-servers.net) in 10 ms

;; UDP setup with 192.55.83.30#53(192.55.83.30) for all-inkl.com failed: network unreachable.
;; no servers could be reached

;; UDP setup with 192.55.83.30#53(192.55.83.30) for all-inkl.com failed: network unreachable.
;; no servers could be reached

;; UDP setup with 192.55.83.30#53(192.55.83.30) for all-inkl.com failed: network unreachable.
all-inkl.com.		172800	IN	NS	ns5.kasserver.com.
all-inkl.com.		172800	IN	NS	ns6.kasserver.com.
all-inkl.com.		172800	IN	NS	ns7.kasserver.com.
all-inkl.com.		172800	IN	NS	ns14.kas-dns-service.de.
all-inkl.com.		172800	IN	NS	ns1.kas-dns-service.de.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 900 IN NSEC3 1 1 0 - CK0Q3UDG8CEKKAE7RUKPGCT1DVSSH8LL NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 900 IN RRSIG NSEC3 13 2 900 20250119002630 20250111231630 29942 com. rHNCcFeS8Fk0oHmHeaoGvmZ7u/AxIbJ7mcPbGWAEs0av0apbFaE+CLve zZnLg/1eMfGqL4W5I0c6sEl0W4OKyg==
E8H0B9NEQNFUR999P4EB496178QR0S7S.com. 900 IN NSEC3 1 1 0 - E8H0G719D6O1F9R01B4HUO2AM99JEME8 NS DS RRSIG
E8H0B9NEQNFUR999P4EB496178QR0S7S.com. 900 IN RRSIG NSEC3 13 2 900 20250118022555 20250111011555 29942 com. zjZ44wA8OrhJmHGUGkB8Pclkt1/EN8C2vAcVaNYPRSQZ8N3ojrekPull VNHzcnBWp95UbTPZDVVujva9PiXmZw==
;; Received 565 bytes from 2001:503:39c1::30#53(i.gtld-servers.net) in 11 ms

;; UDP setup with 164.68.122.186#53(164.68.122.186) for all-inkl.com failed: network unreachable.
;; UDP setup with 85.13.128.3#53(85.13.128.3) for all-inkl.com failed: network unreachable.
;; UDP setup with 85.13.158.127#53(85.13.158.127) for all-inkl.com failed: network unreachable.
;; UDP setup with 85.13.159.101#53(85.13.159.101) for all-inkl.com failed: network unreachable.
;; UDP setup with 209.145.55.174#53(209.145.55.174) for all-inkl.com failed: network unreachable.
;; no servers could be reached

maki · 14. Januar 2025 um 16:08

Es scheint so, als ob die Server nicht erreicht werden können aus dem Container heraus.

% ping 164.68.122.186
ping: connect: Network is unreachable

Von der Hostsystem (Proxmox) funktioniert es aber

% ping 164.68.122.186
PING 164.68.122.186 (164.68.122.186) 56(84) bytes of data.
64 bytes from 164.68.122.186: icmp_seq=1 ttl=56 time=13.4 ms

dominion · 15. Januar 2025 um 07:22

ja das hat dann ja nichts mehr mit DNS zu tun. Dann müsstest du mal mit „mtr“ tracen wo die Route endet und dann den Hoster ansprechen.

maki · 16. Januar 2025 um 23:01

Vielen Dank für die Rückmeldung.

Ich habe meinen Fehler gefunden.
In der fritz.box sperre ich für alle Geräte den DNS Port, damit diese AdGurad nutzen müssen. Der CT mit AdGuard und den separate CT von unbound habe ich freigegeben, so dass DNS im Internet abgefragt werden kann.
In der Proxmoxeinstellung habe ich dem unbound CT die IPv4 fest und die IPv6 vom DHCP (Fritz!Box) vergeben.

Anscheint ist der Fritz!Box bei dem DNS Filter die IP egal und es zählt die MAC Adresse. unbound hat jedoch nur IPv6 vom DHCP bekommen. Die Fritz!Box kannte demnach nicht die MAC für die IPv4 und hat diese geblockt. Nachdem ich die IPv4 auch vom DHCP beziehe klappt es.

Funktionierte. IPv6 wird aufgelöst


% mtr adminforge.de

                             My traceroute  [v0.95]
unbound (2001:b) -> ad2025-01-16T23:18:15+0100
Keys:  Help   Display mode   Restart statistics   Order of fields   quit
                                       Packets               Pings
 Host                                Loss%   Snt   Last   Avg  Best  Wrst StDev
 1. fritz.box                         0.0%    14    1.0   1.5   1.0   4.3   0.8
 2. 2001:1438::94:134:198:81          0.0%    14   11.6   9.0   8.3  11.6   0.8
 3. 2001:1438::62:214:42:190          0.0%    14   11.1  12.5  10.9  30.6   5.2
 4. 2a01:4f8:0:e0f0::2a               0.0%    14   12.9  14.5  12.6  32.4   5.2
 5. 2a01:4f8:0:e0f0::29               0.0%    14   13.0  14.5  11.9  37.6   6.7
 6. core5.fra.hetzner.com             0.0%    14   12.8  12.7  12.3  13.2   0.2
 7. core24.fsn1.hetzner.com           0.0%    13   18.0  18.0  17.8  18.6   0.2
 8. ex9k2.dc5.fsn1.hetzner.com        0.0%    13   17.5  19.0  17.3  33.5   4.4
 9. commander.cdom.de                 0.0%    13   17.4  17.3  17.0  17.7   0.2
10. ntp2.adminforge.de                0.0%    13   17.1  17.3  17.0  17.8   0.3

Schlägt fehl. Vielleicht gibt es keine IPv6?

% mtr all-inkl.com 
mtr: udp socket connect failed: Network is unreachable

dominion · 17. Januar 2025 um 07:41

scheint so

% host all-inkl.com
all-inkl.com has address 85.13.159.122
all-inkl.com mail is handled by 10 allinkl.kasserver.com.