0

NextDNS not returning 0.0.0.0 for blocklist "A" lookups

I am running Unbound on OPNSense forwarding to NextDNS using DoT. When I enable a Blocklist (Oisd for example) and select no block page, A lookups return a "not found" instead of "0.0.0.0". AAAA lookups do return "::" as expected. If I enable the block page, A lookups return the NextDNS page as expected. The "not found" results causes apps/devices to repeatedly perform lookups as compared to getting the desired 0.0.0.0 result. 

Until I can get the A lookups to return 0.0.0.0 for blocklists, I am forced to continue to use the local blocklist functionality in Unbound. Is this expected behavior or do I have something misconfigured in Unbound? If this is expected, why isn't working as it described?

1 reply

null
    • Richard_Mancuso
    • 2 yrs ago
    • Reported - view

    I figured out the problem. I had to disable the OPNSense DNS rebinding protection option which added all the private domains including 0.0.0.0 to the Unbound config file.

Login to reply

Content aside

  • 2 yrs agoLast active
  • 1Replies
  • 80Views
  • 1 Following