Unbound gets the right answer (see below) from a forward-zone, but proceeds to ignore it and try to query other DNS servers.
I'm running Unbound (1.10.0) in a Docker image while behind a public hotspot.
I've added forward-rules to allow communication when detecting that a login is required.
Important note: At this moment I don't have access to the internet; I can just ping a local DNS in the router and a couple of domains.
Here's the unbound log:
And the config file: (unbound.conf)
From the logs I can see that it has the correct response from the forward-zone DNS server.
unbound | [1587387141] unbound[1:0] info: incoming scrubbed packet: ;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 0
unbound | ;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
unbound | ;; QUESTION SECTION:
unbound | telekom.portal.fon.com. IN A
unbound |
unbound | ;; ANSWER SECTION:
unbound | telekom.portal.fon.com. 42099 IN A 87.140.198.194
unbound |
unbound | ;; AUTHORITY SECTION:
unbound |
unbound | ;; ADDITIONAL SECTION:
unbound | ;; MSG SIZE rcvd: 56
But then it proceeds to query root DNS servers or other forward-zones I have defined.
It seems to work if I remove/comment out the following line from the config:
auto-trust-anchor-file: "var/root.key"
But it's not sensitive to any other configuration option.
Thanks
Edit: it proceeds to query root DNS servers, not root hosts.