Domain Name System
Dmitry Aitkulov, 2015-05-29 12:43:54

Why is the DNS server not working?

Good afternoon! There is a server on CentOS 7 with BIND version 9.9.4, release 18.el7_1.1, installed. Config /etc/named.conf:

options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { any; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        allow-recursion {"none";};
        recursion no;
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";

        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";

};
logging {
        channel default_debug {
                file "data/named.run";
        };
};
zone "." IN {
        type hint;
        file "named.ca";
};


include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

Server IP 10.13.0.64. Firewall ports are open. I specify the server IP as DNS on the client, and there is no Internet.
In the log /var/log/messages:
May 29 15:33:32 dns2 named[23693]: error (network unreachable) resolving 'pdns196.ultradns.org/AAAA/IN': 2001:500:b::1#53

and if you comment out this line in the config (at home, on a virtual machine, everything worked after commenting out this line, but not at work):
//dnssec-lookaside auto;
then the log shows:
May 29 15:35:33 dns2 named[23722]: client 10.0.0.1#52247 (www.facebook.com): query (cache) 'www.facebook.com/A/IN' denied

I don't understand where the mistake is.
Thanks for the help.

1 answer(s)
Alexey Yamschikov, 2015-05-29
@Scarfase1989


allow-recursion {"none";};
recursion no;
Recursive queries are prohibited. It will give you only your zone, which you do not have))
You need to allow recursive requests from your subnet.
Here is part of my config as an example:
allow-query {any; };
# I'm a local resolver
allow-recursion { localnets; };
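The decision behind the "query (cache) ... denied" line can be modelled directly. The block below is an added example, not code from the question or the answer: it evaluates a BIND-style address match list the way named.conf does (entries checked in order, first match wins, a leading "!" negates, "any"/"none"/"localnets"/"localhost" are the built-ins) and applies the two settings involved, "recursion" and "allow-recursion". The /24 netmask on 10.13.0.64 is an assumption; the page gives none.

```python
import ipaddress

# Assumption: the server's only interface is 10.13.0.64 with a /24 mask
# (the question states the address but not the netmask).
SERVER_INTERFACES = ["10.13.0.64/24"]


def _expand(entry):
    """Turn one ACL entry into the list of networks it stands for."""
    if entry == "any":
        return [ipaddress.ip_network("0.0.0.0/0"), ipaddress.ip_network("::/0")]
    if entry == "none":
        return []
    if entry == "localnets":
        # Networks directly attached to the server's interfaces, not "all RFC1918".
        return [ipaddress.ip_interface(i).network for i in SERVER_INTERFACES]
    if entry == "localhost":
        return ([ipaddress.ip_network("127.0.0.0/8"), ipaddress.ip_network("::1/128")]
                + [ipaddress.ip_network(ipaddress.ip_interface(i).ip) for i in SERVER_INTERFACES])
    return [ipaddress.ip_network(entry, strict=False)]


def acl_matches(acl, client):
    """First-match evaluation of a BIND address match list; no match means deny."""
    addr = ipaddress.ip_address(client)
    for entry in acl:
        negate = entry.startswith("!")
        for net in _expand(entry.lstrip("!")):
            if addr.version == net.version and addr in net:
                return not negate
    return False


def recursion_allowed(options, client):
    """True if named would recurse for this client.

    'recursion no' switches recursion off for everyone, so changing
    allow-recursion alone does nothing while that line stays in place.
    BIND's default allow-recursion is { localnets; localhost; }.
    """
    if not options.get("recursion", True):
        return False
    return acl_matches(options.get("allow-recursion", ["localnets", "localhost"]), client)


def is_open_resolver(options):
    """An outsider (TEST-NET-3 address, constructed) getting recursion = open resolver."""
    return recursion_allowed(options, "203.0.113.5")
```

Note that with the assumed /24, `localnets` does not cover the client 10.0.0.1 from the log, so the subnet has to be listed explicitly (for example `10.0.0.0/8`) rather than relying on the built-in ACL.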
