Problem with unbound after update

[yduan]

I can't attach them all in one post, I'll split them up.

I said to put 127.0.0.1 in the Server field, not the Host field.  The previous screens you posted didn't show a result from the local DNS server.

Ah, sorry, I got it wrong, here is the result: I tried to resolve the domain shop.proxmox.com, putting 127.0.0.1 as server.

Other domains that I access normally resolve successfully, such as google.com.

[CJ]

.

Check if those devices actually use your DNS settings or they default to something else, either in the browser or system settings.


https://www.howtogeek.com/795644/how-to-enable-secure-private-dns-on-android/

Yes, my devices are using local DNS, I have rules to force them to use only them.

DNSSEC enabled and enabled on all interfaces.

Just to let you know, that setup won't stop DoH.  For example, Firefox uses Cloudflare as their default resolves but they have a specific subdomain which resolves to different IPs than their standard set.  Since it uses 443 the only way to stop it is block the domain and/or the IP.

[CJ]

Ah, sorry, I got it wrong, here is the result: I tried to resolve the domain shop.proxmox.com, putting 127.0.0.1 as server.

Other domains that I access normally resolve successfully, such as google.com.

What shows in the Unbound logs and Reporting?  Do you have SERVFAIL logging turned on?

Any blocklists?