unbound not forwarding query to another recursive DNS server
I'm trying to use unbound to forward DNS queries to other recursive DNS server. My unbound.conf looks like:
forward-zone:
name: "."
forward-addr:x.x.x.x
forward-addr:x.x.x.x
forward-addr:x.x.x.x
But when I use the command
# unbound-control lookup google.com
The following name servers are used for lookup of google.com.
forwarding request:
Delegation with 0 names, of which 0 can be examined to query further addresses.
It provides 3 IP addresses.
x.x.x.x not in infra cache.
x.x.x.x not in infra cache.
x.x.x.x not in infra cache.
How to make unbound forward the DNS query to another recursive server that is defined in forward zone?
Solution 1:
unbound-control lookup isn't the command it appears to be: From your output, it shows you are forwarding to the listed addresses, despite appearing to be a negative response (unless it is actually printing 'x.x.x.x'!)
Breaking it down:
forwarding request:well, this is key.Delegation with 0 names ...is reporting that none of the forwarders were configured with a domain name usingforward-host(versusforward-addr) which need to be resolved first.It provides 3 IP Addresses ...the following addresses are the configured forwarders.x.x.x.x not in infra cache.(i.e, host cache) stores network stats about the upstream host so the best resolver can be chosen later for queries. This will be empty until the host is actually used for a lookup; it also will expire relatively quickly. If you do adig google.com @127.0.0.1and runlookupagain, you should see the cache updated.
If you were configured as a recursive resolver and not a forwarder, this command would instead show you the nameserver records and host statistics (infra) that would be used for a recursive lookup, without actually doing that lookup.