Unbound forward to BIND tips and tricks?

Started by aida, April 14, 2023, 09:18:03 AM

I am sorry if I am breaking forum etiquette by posting in this thread, but the thread has the same topic as my problem. Unfortunately the information within has not helped me find a solution.

My configuration is basically the config that netnut describes, with the addition that I've also enabled DNS over TLS.

What I want to achieve is that any query on the local domain goes to bind, everything else (i.e. the Internet) is forwarded by DoT.

I've come so far that I get correct answers if I am querying bind directly, but I am unable to get unbound to forward the local queries to bind. In my unbound log the only trace I find is:
info: resolving local.domain.tld. A IN

But no answer is gained.

I am quite at a loss how to debug this.

The domain in question is under a CCTLD.

Unbound
- Listen on all interfaces on port 53
- Enable DNSSEC Support (enabled)
- Register DHCP Leases (enabled)
- Register DHCP Static Mappings (enabled)
- Use System Nameservers (disabled)
- Query Forwarding:
  - Domain: local.domain.tld
  - Address: 127.0.0.1
  - Port: 53530
- DNS over TLS:
  - Domain: .
  - Address: Quad9 IPv4 and IPv6

BIND
- Listen on 127.0.0.1:53530
- Recursion: RFC1918 (ACL defined below)
- Allow Query: RFC1918 (ACL defined below)
- DNSSEC Validation: Auto

- ACL
  - Name: RFC1918
  - Networks: RFC1918 and 127.0.0.0/24

- Master Zone
  - Zone Name: local.domain.tld
  - Allow Query: RFC1918
  - [other zone options]

- Records
  - Zone file with NS records (127.0.0.1) and hosts (FQDNs ending with a . (dot))

Any and all help is greatly appreciated.
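The split described in the post (local zone to BIND on 127.0.0.1:53530, everything else over DoT), written as a plain unbound.conf rather than the OPNsense GUI fields, as an added example that is not part of the post. The Quad9 addresses, the cert-bundle path and the zone name are assumptions; the three commented settings are the ones that commonly decide whether a DNSSEC-validating Unbound with rebind protection will actually return an answer from an unsigned private zone served by a resolver on localhost.

```conf
server:
    interface: 0.0.0.0
    interface: ::0
    port: 53

    # Unbound refuses to send queries to 127.0.0.1 unless this is "no"
    # (the default is "yes"); with the default, a forward-zone pointing at
    # 127.0.0.1 is logged as "resolving ..." but never gets an upstream reply.
    do-not-query-localhost: no

    # The zone is unsigned and unbound validates DNSSEC. If the parent zone
    # in public DNS is signed, the validator can mark the unsigned answer
    # bogus (SERVFAIL). domain-insecure stops the chain of trust at this name.
    domain-insecure: "local.domain.tld"

    # Rebind protection (private-address) strips RFC1918 answers from
    # upstream replies. The local zone legitimately returns RFC1918 hosts,
    # so allow them for this name only.
    private-address: 10.0.0.0/8
    private-address: 172.16.0.0/12
    private-address: 192.168.0.0/16
    private-domain: "local.domain.tld"

    # CA bundle used to authenticate the DoT upstream (assumed path).
    tls-cert-bundle: /etc/ssl/cert.pem

# Local zone: hand to BIND listening on the loopback port from the post.
forward-zone:
    name: "local.domain.tld"
    forward-addr: 127.0.0.1@53530

# Everything else: Quad9 over TLS on 853, with the name unbound verifies
# the server certificate against (assumed Quad9 values).
forward-zone:
    name: "."
    forward-tls-upstream: yes
    forward-addr: 9.9.9.9@853#dns.quad9.net
    forward-addr: 149.112.112.112@853#dns.quad9.net
    forward-addr: 2620:fe::fe@853#dns.quad9.net
    forward-addr: 2620:fe::9@853#dns.quad9.net
```

Check the file with unbound-checkconf, then compare a query for a host in the zone sent to 127.0.0.1 port 53530 (BIND) with the same query sent to port 53 (Unbound); if the first answers and the second SERVFAILs or times out, the verbose Unbound log will name which of the three settings is blocking it.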