Menu
What's new
By:
Filters Better Search

Unbound Unbound suddenly not resolving certian domains!

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

dave14305 said:
It bypasses your ISP’s DNS servers, but you still must send your Unbound DNS queries through your ISP’s network.
Click to expand...
So if you use CLoudflare DNS set up on the router or your phone, your queries don't go though ISP?
 
Khadanja said:
Works if I do this. How to add multiple domains? Also, why does it work this way? If my ISP is blocking it, I thought unbound bypasses ISP for DNS?
Click to expand...
Khadanja, they probably are blocking your ISP ASN, in which case even your IP would be blocked. This isn't something you can control. When you are using unbound recursively, YOU meaning you and your IP are your own DNS server. Using your hostname. When you access it using the forward method, you are asking those servers to tell you about that domain.

forward-zone:#DoT # v1.08 Add #DoT edit marker v1.05 DNS-Over-TLS support
name: "nest.gq" <<------ this part says we want unbound to ask the servers below for information about this domain, thus skipping your ISP's network.
forward-tls-upstream: yes
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-addr: 149.112.112.112@853#dns.quad9.net
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
forward-addr: 2620:fe::fe@853#dns.quad9.net
forward-addr: 2620:fe::9@853#dns.quad9.net
 
Last edited:
Khadanja said:
Works if I do this. How to add multiple domains? Also, why does it work this way? If my ISP is blocking it, I thought unbound bypasses ISP for DNS?
Click to expand...
You could also make sure you are not country blocking with skynet. This has been known to cause issues when using unbound root servers.
 
Jumpstarter said:
You could also make sure you are not country blocking with skynet. This has been known to cause issues when using unbound root servers.
Click to expand...
not blocking any country. How to add multiple domain in forward zone? Tried but unbond complaining about duplicate forward-tls-upstream & forward-zone#DoT
 
Khadanja said:
not blocking any country. How to add multiple domain in forward zone? Tried but unbond complaining about duplicate forward-tls-upstream & forward-zone#DoT
Click to expand...
after the first forward arguement only start with name.

e.g.

forward-zone:#DoT # v1.08 Add #DoT edit marker v1.05 DNS-Over-TLS support ##only put this argument once.
name: "nest.gq" <<------ this part says we want unbound to ask the servers below for information about this domain, thus skipping your ISP's network.
forward-tls-upstream: yes
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-addr: 149.112.112.112@853#dns.quad9.net
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
forward-addr: 2620:fe::fe@853#dns.quad9.net
forward-addr: 2620:fe::9@853#dns.quad9.net

name: "some.other.site.com"
 
tried that
Jumpstarter said:
after the first forward arguement only start with name.

e.g.

forward-zone:#DoT # v1.08 Add #DoT edit marker v1.05 DNS-Over-TLS support ##only put this argument once.
name: "nest.gq" <<------ this part says we want unbound to ask the servers below for information about this domain, thus skipping your ISP's network.
forward-tls-upstream: yes
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-addr: 149.112.112.112@853#dns.quad9.net
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
forward-addr: 2620:fe::fe@853#dns.quad9.net
forward-addr: 2620:fe::9@853#dns.quad9.net

name: "some.other.site.com"
Click to expand...
& now getting /opt/var/lib/unbound/unbound.conf:192: error: forward name override, there must be one name for one forward-zone
 
Khadanja said:
tried that

& now getting /opt/var/lib/unbound/unbound.conf:192: error: forward name override, there must be one name for one forward-zone
Click to expand...
so apparently you have to do them all individually.


Code: 
forward-zone:#DoT # v1.08 Add #DoT edit marker v1.05 DNS-Over-TLS support
name: "nest.gq" <<------ this part says we want unbound to ask the servers below for information about this domain, thus skipping your ISP's network.
forward-tls-upstream: yes
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-addr: 149.112.112.112@853#dns.quad9.net
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
forward-addr: 2620:fe::fe@853#dns.quad9.net
forward-addr: 2620:fe::9@853#dns.quad9.net

forward-zone:
name: "some.other.site.com"
forward-tls-upstream: yes
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-addr: 149.112.112.112@853#dns.quad9.net
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
forward-addr: 2620:fe::fe@853#dns.quad9.net
forward-addr: 2620:fe::9@853#dns.quad9.net

Which means you have to repeat the same arguements for each one.
 
Jumpstarter said:
so apparently you have to do them all individually.


Code: 
forward-zone:#DoT # v1.08 Add #DoT edit marker v1.05 DNS-Over-TLS support
name: "nest.gq" <<------ this part says we want unbound to ask the servers below for information about this domain, thus skipping your ISP's network.
forward-tls-upstream: yes
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-addr: 149.112.112.112@853#dns.quad9.net
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
forward-addr: 2620:fe::fe@853#dns.quad9.net
forward-addr: 2620:fe::9@853#dns.quad9.net

forward-zone:
name: "some.other.site.com"
forward-tls-upstream: yes
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-addr: 149.112.112.112@853#dns.quad9.net
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
forward-addr: 2620:fe::fe@853#dns.quad9.net
forward-addr: 2620:fe::9@853#dns.quad9.net

Which means you have to repeat the same arguements for each one.
Click to expand...
Tried that already exactly like you have typed but get this error -
***ERROR unbound configuration contains DUPLICATES - use option 'vx' to correct 'unbound.conf' or 'rl' to load a valid configuration file
4 forward-tls-upstream:
3 forward-zone:
 
Khadanja said:
Tried that already exactly like you have typed but get this error -
***ERROR unbound configuration contains DUPLICATES - use option 'vx' to correct 'unbound.conf' or 'rl' to load a valid configuration file
4 forward-tls-upstream:
3 forward-zone:
Click to expand...
the real question is, IS this a legit unbound error, or one generated by unbound manager?
 
Khadanja said:
Tried that already exactly like you have typed but get this error -
***ERROR unbound configuration contains DUPLICATES - use option 'vx' to correct 'unbound.conf' or 'rl' to load a valid configuration file
4 forward-tls-upstream:
3 forward-zone:
Click to expand...
I am able to run multiple forwardzones in all my unbound configurations. Even the one above. maybe @Martineau could explain this limitation in his manager.
 
In my unbound.conf file another zone Stubby is commented out which suggests that multiple should work.
##########################################
#forward-zone:#Stubby # v1.08 Add #Stubby edit marker
#name: "."
#forward-addr: 127.0.1.1@5453
#forward-addr: 0::1@5453 # integration IPV6
#########################################
#@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ # v1.05 Martineau
forward-zone:#DoT # v1.08 Add #DoT edit marker v1.05 DNS-Over-TLS support
name: "nest.gq"
 
Khadanja said:
In my unbound.conf file another zone Stubby is commented out which suggests that multiple should work.
##########################################
#forward-zone:#Stubby # v1.08 Add #Stubby edit marker
#name: "."
#forward-addr: 127.0.1.1@5453
#forward-addr: 0::1@5453 # integration IPV6
#########################################
#@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ # v1.05 Martineau
forward-zone:#DoT # v1.08 Add #DoT edit marker v1.05 DNS-Over-TLS support
name: "nest.gq"
Click to expand...
You could make a separate include file which should be impervious to the scripts forward zone check.
 
Create a separate .conf file and just add the forward zones there and then include it in the mail .conf file?
Jumpstarter said:
You could make a separate include file which should be impervious to the scripts forward zone check.
Click to expand...
 
Jumpstarter said:
Bingo.
Click to expand...
Worked!!!! Thanks!! I am hosting AdGuard on ad.nest.gq & using it on my iPhone by creating a custom profile for DoH when connected to mobile data but that won't work anymore :(. Most likely my ISP has started blocking all these .gq, .ml free domains for whatever reason.
 
Last edited:
@Jumpstarter Looks like there was a problem with my ISP's certain DNS server as yesterday I could resolve it using another DNS server of my ISP on mobile and some others with same ISP could resolve it but some couldn't. It seems to be ok now on mobile, will test on home broadband by removing the forward-zone.
 
Working fine after removing the forward-zone too
 
You must log in or register to reply here.

Similar threads

pdc
Router DNS returning Refused
Replies
2
Views
282
pdc
pdc
M
Unbound Unable to make Unbound work
Replies
13
Views
919
mangkoran
M
D
Unbound DNSSec with unbound_manager?
Replies
6
Views
1K
dominik
D
Don Walker
Unbound Unbound fails to resolve "epaper.ottawacitizen.com" with SERVFAIL
Replies
3
Views
1K
Don Walker
Don Walker
StrikerXXX
Correct way to configure quad9 dns in EDNS/ECS
Replies
0
Views
2K
StrikerXXX
StrikerXXX
Similar threads
Thread starter Title Forum Replies Date
U Unbound Help setting up Unbound. Asuswrt-Merlin AddOns 2
B Knot Resolver vs unbound? Asuswrt-Merlin AddOns 1
V unbound blocking apple private relay. Asuswrt-Merlin AddOns 1
B Unbound unbound/WAN settings Asuswrt-Merlin AddOns 31
Viktor Jaep Solved Latest entware update borked up Unbound Asuswrt-Merlin AddOns 25
Q Problems unbound reverse proxy Asuswrt-Merlin AddOns 2
M Unbound Show local names in unbound log requests Asuswrt-Merlin AddOns 5
J Unbound Configure unbound with multiple VPNs Asuswrt-Merlin AddOns 7
I Unbound [SOLVED] Unbound not resolving anything Asuswrt-Merlin AddOns 40
S Unbound Unbound graphical statistics tab doesn't update all groups Asuswrt-Merlin AddOns 4

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 843 (members: 27, guests: 816)
Top