Unbound listening on 127.0.0.1 but doesn't resolve internal names

[bmorgenthaler]

I have Unbound setup as my DNS resolver for my network and from my clients it works just fine but for my firewall itself it is failing to resolve internal system names. When I query an interface's IP like a client would do it resolves as expected but when I try against 127.0.0.1 I'm going out to root servers.

I've configured opnsense to use 127.0.0.1 as system DNS and no DHCP provided DNS from my ISP.

/etc/resolv.conf

Code Select Expand


domain home.arpa
nameserver 127.0.0.1
search home.arpa


And unbound is configured to run on all interfaces as recommended.

/var/unbound/unbound.conf snippet

Code Select Expand


# Interface IP(s) to bind to
interface: 0.0.0.0
interface: ::
interface-automatic: yes


What should I be looking at next?

[CJ]

Did you edit files or use the UI to make your config changes?

Do you have Do not use local DNS checked under System -> General -> Settings?

What do you have under Services -> Unbound -> Query Forwarding and DNS over TLS?

Post a screenshot of the Interfaces -> Diagnostics -> DNS Lookup page with nothing entered into the server black.