What's new

Unbound Unbound suddenly not resolving certian domains!

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

It bypasses your ISP’s DNS servers, but you still must send your Unbound DNS queries through your ISP’s network.
So if you use CLoudflare DNS set up on the router or your phone, your queries don't go though ISP?
 
Works if I do this. How to add multiple domains? Also, why does it work this way? If my ISP is blocking it, I thought unbound bypasses ISP for DNS?
Khadanja, they probably are blocking your ISP ASN, in which case even your IP would be blocked. This isn't something you can control. When you are using unbound recursively, YOU meaning you and your IP are your own DNS server. Using your hostname. When you access it using the forward method, you are asking those servers to tell you about that domain.

forward-zone:#DoT # v1.08 Add #DoT edit marker v1.05 DNS-Over-TLS support
name: "nest.gq" <<------ this part says we want unbound to ask the servers below for information about this domain, thus skipping your ISP's network.
forward-tls-upstream: yes
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-addr: 149.112.112.112@853#dns.quad9.net
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
forward-addr: 2620:fe::fe@853#dns.quad9.net
forward-addr: 2620:fe::9@853#dns.quad9.net
 
Last edited:
Works if I do this. How to add multiple domains? Also, why does it work this way? If my ISP is blocking it, I thought unbound bypasses ISP for DNS?
You could also make sure you are not country blocking with skynet. This has been known to cause issues when using unbound root servers.
 
You could also make sure you are not country blocking with skynet. This has been known to cause issues when using unbound root servers.
not blocking any country. How to add multiple domain in forward zone? Tried but unbond complaining about duplicate forward-tls-upstream & forward-zone#DoT
 
not blocking any country. How to add multiple domain in forward zone? Tried but unbond complaining about duplicate forward-tls-upstream & forward-zone#DoT
after the first forward arguement only start with name.

e.g.

forward-zone:#DoT # v1.08 Add #DoT edit marker v1.05 DNS-Over-TLS support ##only put this argument once.
name: "nest.gq" <<------ this part says we want unbound to ask the servers below for information about this domain, thus skipping your ISP's network.

forward-tls-upstream: yes
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-addr: 149.112.112.112@853#dns.quad9.net
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
forward-addr: 2620:fe::fe@853#dns.quad9.net
forward-addr: 2620:fe::9@853#dns.quad9.net

name: "some.other.site.com"
 
tried that
after the first forward arguement only start with name.

e.g.

forward-zone:#DoT # v1.08 Add #DoT edit marker v1.05 DNS-Over-TLS support ##only put this argument once.
name: "nest.gq" <<------ this part says we want unbound to ask the servers below for information about this domain, thus skipping your ISP's network.

forward-tls-upstream: yes
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-addr: 149.112.112.112@853#dns.quad9.net
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
forward-addr: 2620:fe::fe@853#dns.quad9.net
forward-addr: 2620:fe::9@853#dns.quad9.net

name: "some.other.site.com"
& now getting /opt/var/lib/unbound/unbound.conf:192: error: forward name override, there must be one name for one forward-zone
 
tried that

& now getting /opt/var/lib/unbound/unbound.conf:192: error: forward name override, there must be one name for one forward-zone
so apparently you have to do them all individually.


Code:
forward-zone:#DoT # v1.08 Add #DoT edit marker v1.05 DNS-Over-TLS support
name: "nest.gq" <<------ this part says we want unbound to ask the servers below for information about this domain, thus skipping your ISP's network.
forward-tls-upstream: yes
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-addr: 149.112.112.112@853#dns.quad9.net
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
forward-addr: 2620:fe::fe@853#dns.quad9.net
forward-addr: 2620:fe::9@853#dns.quad9.net

forward-zone:
name: "some.other.site.com"
forward-tls-upstream: yes
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-addr: 149.112.112.112@853#dns.quad9.net
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
forward-addr: 2620:fe::fe@853#dns.quad9.net
forward-addr: 2620:fe::9@853#dns.quad9.net

Which means you have to repeat the same arguements for each one.
 
so apparently you have to do them all individually.


Code:
forward-zone:#DoT # v1.08 Add #DoT edit marker v1.05 DNS-Over-TLS support
name: "nest.gq" <<------ this part says we want unbound to ask the servers below for information about this domain, thus skipping your ISP's network.
forward-tls-upstream: yes
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-addr: 149.112.112.112@853#dns.quad9.net
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
forward-addr: 2620:fe::fe@853#dns.quad9.net
forward-addr: 2620:fe::9@853#dns.quad9.net

forward-zone:
name: "some.other.site.com"
forward-tls-upstream: yes
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-addr: 149.112.112.112@853#dns.quad9.net
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
forward-addr: 2620:fe::fe@853#dns.quad9.net
forward-addr: 2620:fe::9@853#dns.quad9.net

Which means you have to repeat the same arguements for each one.
Tried that already exactly like you have typed but get this error -
***ERROR unbound configuration contains DUPLICATES - use option 'vx' to correct 'unbound.conf' or 'rl' to load a valid configuration file
4 forward-tls-upstream:
3 forward-zone:
 
Tried that already exactly like you have typed but get this error -
***ERROR unbound configuration contains DUPLICATES - use option 'vx' to correct 'unbound.conf' or 'rl' to load a valid configuration file
4 forward-tls-upstream:
3 forward-zone:
the real question is, IS this a legit unbound error, or one generated by unbound manager?
 
Tried that already exactly like you have typed but get this error -
***ERROR unbound configuration contains DUPLICATES - use option 'vx' to correct 'unbound.conf' or 'rl' to load a valid configuration file
4 forward-tls-upstream:
3 forward-zone:
I am able to run multiple forwardzones in all my unbound configurations. Even the one above. maybe @Martineau could explain this limitation in his manager.
 
In my unbound.conf file another zone Stubby is commented out which suggests that multiple should work.
##########################################
#forward-zone:#Stubby # v1.08 Add #Stubby edit marker
#name: "."
#forward-addr: 127.0.1.1@5453
#forward-addr: 0::1@5453 # integration IPV6
#########################################
#@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ # v1.05 Martineau
forward-zone:#DoT # v1.08 Add #DoT edit marker v1.05 DNS-Over-TLS support
name: "nest.gq"
 
In my unbound.conf file another zone Stubby is commented out which suggests that multiple should work.
##########################################
#forward-zone:#Stubby # v1.08 Add #Stubby edit marker
#name: "."
#forward-addr: 127.0.1.1@5453
#forward-addr: 0::1@5453 # integration IPV6
#########################################
#@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ # v1.05 Martineau
forward-zone:#DoT # v1.08 Add #DoT edit marker v1.05 DNS-Over-TLS support
name: "nest.gq"
You could make a separate include file which should be impervious to the scripts forward zone check.
 
Create a separate .conf file and just add the forward zones there and then include it in the mail .conf file?
You could make a separate include file which should be impervious to the scripts forward zone check.
 
Worked!!!! Thanks!! I am hosting AdGuard on ad.nest.gq & using it on my iPhone by creating a custom profile for DoH when connected to mobile data but that won't work anymore :(. Most likely my ISP has started blocking all these .gq, .ml free domains for whatever reason.
 
Last edited:
@Jumpstarter Looks like there was a problem with my ISP's certain DNS server as yesterday I could resolve it using another DNS server of my ISP on mobile and some others with same ISP could resolve it but some couldn't. It seems to be ok now on mobile, will test on home broadband by removing the forward-zone.
 
Working fine after removing the forward-zone too
 

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top