Mutzli
Very Senior Member
I had to switch it off during the day for now. I'll try again later in the week. Hopefully I get some useful info from dig and log.I sympathise, but without a knowledgeable SME to provide a tutorial regarding what information can be extracted/inferred from increasing the 'verbosity: X' directive or alternatively using 'dig', then identifying your unbound issues may take a while.
However, if you posted the 'dig' output for a domain that inexplicably fails, together with the section of the 'unbound.log' (having temporarily increased 'verbosity: X') then there may be clue in the output.
unbound is definitely a new technology for probably 99% of us, but I suspect that if the same spurious issues occurred with say dnsmasq+DoT+DNSSEC etc., would it be straight forward to instantly identify the reason?