Diversion and Unbound are both vanilla setups. The only changes being made to my unbound.conf file is when my VPN private IP changes after reconnecting so it knows where to send DNS Query traffic. I don't believe I've made any other changes, but I'd be happy to send that to you via PM?
Then, using a combination of
(1) looking at the live raw Unbound log traffic (enabling "lo" under Unbound to show full logging),
(2) following the dnsmasq log in Diversion (using "f" option), and seeing that lookups are using port #53535, the
(3) always helpful
dnscheck.tools website, along with
(4) Eibgrad's DNS Monitor script... all of these can help you determine if things are working the way you want them to when it comes to DNS.
Example from Diversion dnsmasq log:
Code:
Jan 3 15:34:47 dnsmasq[13563]: forwarded connectivitycheck.gstatic.com to 127.0.0.1#53535
Example from Unbound showing full logs:
Code:
Jan 03 11:37:11 unbound[13297:0] query: 127.0.0.1 connectivitycheck.gstatic.com. A IN
Jan 03 11:37:11 unbound[13297:0] reply: 127.0.0.1 connectivitycheck.gstatic.com. A IN NOERROR 0.000000 1 63
Jan 03 11:37:11 unbound[13297:0] query: 127.0.0.1 connectivitycheck.gstatic.com. AAAA IN
Jan 03 11:37:11 unbound[13297:0] reply: 127.0.0.1 connectivitycheck.gstatic.com. AAAA IN NOERROR 0.000000 1 47