Распространенная проблема - когда на DNS роутера XGE включен DNSSEC, а на вышестоящем DNS-сервере нет, очень часто встречается если в качестве вышестоящего Вы используете сервера Google 8.8.8.8 или 8.8.4.4
Проверить это можно попробовав сделать запрос к локальному DNS на XGE
{code:title=Команда}nslookup ya.ru localhost{code}
{code:title=Вывод}
;; Got SERVFAIL reply from 127.0.0.1, trying next server
;; connection timed out; trying next origin
;; Got SERVFAIL reply from 127.0.0.1, trying next server
;; connection timed out; no servers could be reached{code}
Если в ответ Вы получили "Got SERVFAIL reply from 127.0.0.1", посмотрите логи DNS:
{code:title=Команда}tail /app/xge/var/named/data/named.run{code}
{code:title=Вывод}
validating @0x7f5b20006580: com DS: bad cache hit (./DNSKEY)
error (broken trust chain) resolving 'router11.teamviewer.com/A/IN': 188.172.248.1#53
validating @0x7f5ad80048e0: com DS: bad cache hit (./DNSKEY)
error (broken trust chain) resolving 'router4.teamviewer.com/A/IN': 185.81.208.1#53
validating @0x7f5afc024c50: com DS: bad cache hit (./DNSKEY)
error (broken trust chain) resolving 'router8.teamviewer.com/A/IN': 213.227.191.1#53
validating @0x7f5b0c002560: com DS: bad cache hit (./DNSKEY)
error (broken trust chain) resolving 'router2.teamviewer.com/A/IN': 213.227.160.1#53
validating @0x7f5aec002560: com DS: bad cache hit (./DNSKEY)
error (broken trust chain) resolving 'router7.teamviewer.com/A/IN': 188.172.248.1#53
{code}
Если увидели ошибку "error (broken trust chain) resolving", попробуйте отключить DNSSEC и перезапустить DNS-сервер:
{code:title=Команды}
sed 's| *//.*dnssec|dnssec|g; s|dnssec-enable *[a-Z]*;|dnssec-enable no;|g; s|dnssec-validation *[a-Z]*;|dnssec-validation no;|g' -i /app/xge/skelet/etc/named.conf
chroot /app/xge service named restart
{code}
Проверить это можно попробовав сделать запрос к локальному DNS на XGE
{code:title=Команда}nslookup ya.ru localhost{code}
{code:title=Вывод}
;; Got SERVFAIL reply from 127.0.0.1, trying next server
;; connection timed out; trying next origin
;; Got SERVFAIL reply from 127.0.0.1, trying next server
;; connection timed out; no servers could be reached{code}
Если в ответ Вы получили "Got SERVFAIL reply from 127.0.0.1", посмотрите логи DNS:
{code:title=Команда}tail /app/xge/var/named/data/named.run{code}
{code:title=Вывод}
validating @0x7f5b20006580: com DS: bad cache hit (./DNSKEY)
error (broken trust chain) resolving 'router11.teamviewer.com/A/IN': 188.172.248.1#53
validating @0x7f5ad80048e0: com DS: bad cache hit (./DNSKEY)
error (broken trust chain) resolving 'router4.teamviewer.com/A/IN': 185.81.208.1#53
validating @0x7f5afc024c50: com DS: bad cache hit (./DNSKEY)
error (broken trust chain) resolving 'router8.teamviewer.com/A/IN': 213.227.191.1#53
validating @0x7f5b0c002560: com DS: bad cache hit (./DNSKEY)
error (broken trust chain) resolving 'router2.teamviewer.com/A/IN': 213.227.160.1#53
validating @0x7f5aec002560: com DS: bad cache hit (./DNSKEY)
error (broken trust chain) resolving 'router7.teamviewer.com/A/IN': 188.172.248.1#53
{code}
Если увидели ошибку "error (broken trust chain) resolving", попробуйте отключить DNSSEC и перезапустить DNS-сервер:
{code:title=Команды}
sed 's| *//.*dnssec|dnssec|g; s|dnssec-enable *[a-Z]*;|dnssec-enable no;|g; s|dnssec-validation *[a-Z]*;|dnssec-validation no;|g' -i /app/xge/skelet/etc/named.conf
chroot /app/xge service named restart
{code}