<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
<p>I am using Unbound as a local resolver, using OpenDNS to filter
requests via: forward-zone: name: . forward-addr: 208.67.222.222
forward-addr: 208.67.220.220</p>
<p>When OpenDNS blocks a site, for example cporms.bankofamerica.com,
I send the TLD to Google like this:<br>
forward-zone: name: bankofamerica.com forward-addr: 8.8.8.8</p>
<p>Everything works fine -- most of the time, however this morning I
couldn't resolve cporms.bankofamerica.com because the filter
choked on srip.net<br>
C:\>dig +short cporms.bankofamerica.com<br>
cporms-prod-2.eglobal2.bac.com.<br>
cpo-sni-prodb.bankofamerica.com.srip.net.<br>
srip677.globalredir.akadns.net.<br>
a677.srip1.akasrip.net.f8e19fab.1.cn.akasripcn.net.<br>
23.32.240.33</p>
<p>I ended up solving the problem by adding bac.com, srip.net,
akadns.net & akasripcn.net to my list of forward zones. Is
there a way to tell Unbound to let 8.8.8.8 handle the entire query
in this situation?</p>
<p>My service.conf:<br>
<i><font size="-2">server: verbosity: 3 directory:
"c:\KatyComputer.com\Utility\unbound" do-ip6: no logfile:
unbound.log tls-win-cert: yes access-control: 127.0.0.0/8
allow access-control: 192.168.0.0/16 allow<br>
remote-control: control-enable: no<br>
server: auto-trust-anchor-file: root.key<br>
<br>
forward-zone: name: bankofamerica.com forward-addr: 8.8.8.8<br>
.<br>
.<br>
.<br>
forward-zone: name: zyxel.com forward-addr: </font></i><i><font
size="-2"><i><font size="-2"> 8.8.8.8</font></i><br>
forward-zone: name: . forward-addr: 208.67.222.222
forward-addr: 208.67.220.220</font></i></p>
<p><i><font size="-2"><br>
</font></i></p>
<pre class="moz-signature" cols="72">--
John Schmerold
Katy Computer Systems, Inc
<a class="moz-txt-link-freetext" href="https://katycomputer.com">https://katycomputer.com</a>
St Louis</pre>
</body>
</html>