unbound forward zone syntax

domain-name-system unbound

Solution 1:

In the specific context stated in the question, the name in a zone definition (forward-zone, local-zone, etc) in unbound.conf, I don't believe there can be any difference to how these variations are interpreted.
Ie, these two names are interpreted the same.

In some other contexts, a name lacking the trailing dot is considered relative. Here, however we are in a context where there exists no reference point for what the name would be relative to.

It may be a good idea to use the variation with the trailing dot simply for its completely unambiguous meaning to any human readers of the unbound configuration file.
Additionally, It may be nice in terms of consistency if that name is also referenced somewhere else where names can actually be relative and therefore has the trailing dot in that other place.

Solution 2:

Difference between foo.tld and foo.tld. is simple. When you put dot at the end of FQDN your resolver understand that is the absolute name for host or domain. Without dot it's relative name and your resolver could add it's domain to provided FQDN.

For example if you have configured resolver to search in domain local.home, request for foo.tld would be asked as foo.tld.local.home if no foo.tld was found.

Related

What are the risks of trusting a self-signed certificate on a development machine?
Fail2ban unban action fails with Cloudflare
Performing root mysql operations in bash scripts
Can't locate API module structure `mod_wsgi'
Linux: Create files and direcotires but not delete them
MySQL 5.1 Replication Topologies: Multi-Master
Config Subdomain to point to heroku app
Domain vs Workgroup
Nginx rewrite rule subfolder 404 error
Emails to multiple recipients get delivered multiple times per user
linux + create simple watch dog process in shell script
Apache LDAPS Authentication