Expected Behaviour:
For unbound to return NOERROR on Disney+ related domains, such as disney.api.edge.bamgrid.com.
Actual Behaviour:
I get Error 83 when trying to stream video from Disney+ from any device on my network.
Debug Token:
https://tricorder.pi-hole.net/2m7pQ6UO/
I've been streaming from Disney+ with no problem for the past 2 years or so. Just last week I started getting Error Code 83 from the Disney+ app, which typically indicates a connectivity problem. All other streaming apps work fine (Apple, Netflix, Max). I have a separate subnet for my wife that doesn't not use Pi-hole/Unbound and I can successfully stream Disney+ from there.
Troubleshooting led me to find that Unbound is returning NXDOMAIN for several domains related to Disney+. The one I've been troubleshooting with is disney.api.edge.bamgrid.com. If I set Pi-hole to use external upstream DNS servers, everything works fine.
Output of dig disney.api.edge.bamgrid.com
with unbound:
@raspberrypi:/var/log $
; <<>> DiG 9.16.42-Debian <<>> disney.api.edge.bamgrid.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39534
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;disney.api.edge.bamgrid.com. IN A
;; AUTHORITY SECTION:
edge.bamgrid.com. 900 IN SOA ns-1171.awsdns-18.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
;; Query time: 139 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Sep 16 18:20:23 MDT 2023
;; MSG SIZE rcvd: 138
Output of dig disney.api.edge.bamgrid.com
with Quad9:
; <<>> DiG 9.16.42-Debian <<>> disney.api.edge.bamgrid.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44317
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;disney.api.edge.bamgrid.com. IN A
;; ANSWER SECTION:
disney.api.edge.bamgrid.com. 10 IN CNAME d16tf39cmx7ftb.cloudfront.net.
d16tf39cmx7ftb.cloudfront.net. 22 IN A 18.154.242.69
d16tf39cmx7ftb.cloudfront.net. 22 IN A 18.154.242.129
d16tf39cmx7ftb.cloudfront.net. 22 IN A 18.154.242.106
d16tf39cmx7ftb.cloudfront.net. 22 IN A 18.154.242.46
;; Query time: 35 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Sep 16 18:25:02 MDT 2023
;; MSG SIZE rcvd: 163
I found this thread, which led me to try flushing the zone with sudo unbound-control flush_zone bamgrid.com
and confirming the entries were gone with sudo unbound-control dump_cache | grep bamgrid.com
, but that made no difference.
I've pretty much maxed out my knowledge of DNS/Unbound. Unbound has worked great for me for several years and I'd like to keep using it. Does anyone have any ideas on what's causing this and how to fix it?