I want to go directly to the source, i mean, if i want to resolve, for example www.polito.it, i want to ask “it”, then “polito.it”… This is what Unbound should be doing.
Instead, i can resolve it:
server /etc # dig it @127.0.0.1
; <<>> DiG 9.16.48 <<>> it @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59860
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;it. IN A
;; AUTHORITY SECTION:
it. 3194 IN SOA dns.nic.it. hostmaster.nic.it. 2024062114 10800 900 604800 3600
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Jun 21 14:50:06 CEST 2024
;; MSG SIZE rcvd: 86
Instead i cannot resolve polito.it:
server /etc # dig polito.it @127.0.0.1
; <<>> DiG 9.16.48 <<>> polito.it @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 60832
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;polito.it. IN A
;; Query time: 1180 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Jun 21 14:50:40 CEST 2024
;; MSG SIZE rcvd: 38
Nothing appears in the logs. It resolve fine using 8.8.8.8 as upstream DNS.
Agreed and big thumbs up for Gentoo. Our distro never gets enough love!