[Bug]: timeout when run in no internet network enviroment

[wkjun]

(Optional) Error message

No response

What went wrong?

when query domain,time out happen.

nslookup cas.wow.cn 10.2.10.147 ;; connection timed out; no servers could be reached

Expected behaviour

query dns server ,return domain's ip address.

How can we reproduce the bug?

• the docker image cytopia/bind in private harbor repository
• the server(10.2.10.147) in interal network enviroment,could't reach internet

1. start a docker container on centos 7
   docker run --restart=always -d -p 53:53/tcp -p 53:53/udp -e DNS_A='*.wow.cn=10.2.10.125' -e DOCKER_LOGS=1 -e ALLOW_QUERY=any -t harbor.xxx.com/cytopia/bind

2. query the dns server ip
   nslookup cas.wow.cn 10.2.10.147
   ;; connection timed out; no servers could be reached

Host Operating System

Linux

Host Platform (amd64, arm64, other)

amd64

(Linux only) Is SELinux enabled?

No, SELinux is disabled

Docker version

20.10.22

Log: docker logs

/etc/bind/custom/zone/rpz
--------------------------------------------------------------------------------
$TTL 3600
@                               IN   SOA     090be6331014. admin.090be6331014. (
                                             1673478408     ; Serial number
                                             1200           ; Refresh time
                                             180            ; Retry time
                                             1209600        ; Expiry time
                                             10800          ; Negative Cache TTL
)

; NS Records
                                IN   NS      090be6331014.

; Custom Records
*.wow.cn                     IN   A       10.2.10.125
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[INFO] Starting BIND 9.16.33
11-Jan-2023 23:06:48.275 managed-keys-zone: loaded serial 0
11-Jan-2023 23:06:48.276 zone 0.in-addr.arpa/IN: loaded serial 1
11-Jan-2023 23:06:48.278 zone rpz/IN: loaded serial 1673478408
11-Jan-2023 23:06:48.278 rpz: rpz: reload start
11-Jan-2023 23:06:48.278 rpz: rpz: reload done
11-Jan-2023 23:06:48.281 zone localhost/IN: loaded serial 2
11-Jan-2023 23:06:48.281 zone 127.in-addr.arpa/IN: loaded serial 1
11-Jan-2023 23:06:48.282 zone 255.in-addr.arpa/IN: loaded serial 1
11-Jan-2023 23:06:48.283 all zones loaded
11-Jan-2023 23:06:48.283 running
12-Jan-2023 03:22:55.017 client @0x7f7888850f70 172.17.0.1#57150 (225.8.2.10.in-addr.arpa): query: 225.8.2.10.in-addr.arpa IN PTR + (172.17.0.2)
12-Jan-2023 03:25:02.049 client @0x7f7888850f70 10.2.10.147#58112 (cas.wow.cn): query: cas.wow.cn IN A + (172.17.0.2)
12-Jan-2023 03:25:07.049 client @0x7f7888864730 10.2.10.147#58112 (cas.wow.cn): query: cas.wow.cn IN A + (172.17.0.2)
12-Jan-2023 03:25:12.049 client @0x7f7888864730 10.2.10.147#58112 (cas.wow.cn): query: cas.wow.cn IN A + (172.17.0.2)
12-Jan-2023 03:25:12.050 resolver priming query complete
12-Jan-2023 03:25:22.051 resolver priming query complete
12-Jan-2023 03:25:22.051 client @0x7f7888850f70 10.2.10.147#58112 (cas.wow.cn): query failed (timed out) for cas.wow.cn/IN/A at query.c:7375
12-Jan-2023 03:26:58.518 client @0x7f788000c090 172.17.0.1#47826 (cas.wow.cn): query: cas.wow.cn IN A + (172.17.0.2)

(Optional) Additional information

No response