Please follow the below template, it will help us to help you!
Expected Behaviour:
Sites load by default
Actual Behaviour:
Cannot load certain sites with unbound working. Example is login.yahoo.com
Debug Token:
ab9nh34zdk
Hi All. Thanks to the friendly mods here my Unbound installation with pihole is working. I was testing my apps/sites that the family visits and found that login.yahoo.com does not resolve with Unbound used as the upstream DNS.
Here is the login.yahoo.com dig
root@raspberrypi:/home/pi# dig @127.0.0.1 -p 5353 login.yahoo.com
; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> @127.0.0.1 -p 5353 login.yahoo.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62843
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;login.yahoo.com. IN A
;; ANSWER SECTION:
login.yahoo.com. 10 IN CNAME ds-ats.member.g02.yahoodns.net.
;; AUTHORITY SECTION:
g02.yahoodns.net. 300 IN SOA yf1.yahoo.com. hostmaster.yahoo-inc.com. 1577839320 30 30 86400 300
;; Query time: 148 msec
;; SERVER: 127.0.0.1#5353(127.0.0.1)
;; WHEN: Tue Dec 31 19:42:00 EST 2019
;; MSG SIZE rcvd: 149
here is another random site that does load
; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> @127.0.0.1 -p 5353 reddit.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41679
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;reddit.com. IN A
;; ANSWER SECTION:
reddit.com. 71 IN A 151.101.193.140
reddit.com. 71 IN A 151.101.65.140
reddit.com. 71 IN A 151.101.129.140
reddit.com. 71 IN A 151.101.1.140
;; Query time: 46 msec
;; SERVER: 127.0.0.1#5353(127.0.0.1)
;; WHEN: Tue Dec 31 19:43:23 EST 2019
;; MSG SIZE rcvd: 103
I have tried toggling the "never forward non FQDN's" options in the administrative interface and tried whitelisting this entry in the pihole interface. My question is, is there a way to force whitelisted entries within unbound itself? Or have any of you experienced this issue with specific sites? I will run into this eventually again and want to have a battle plan for the next time.
Thank you