Ralph Dolmans via Unbound-users:
Any chance that the nameservers Unbound is sending queries to are not on the ECS whitelist (send-client-subnet)? Unbound only sends ECS data to whitelisted addresses.
Ralf. 2000::/3 should cover any IPv6 nameserver. just added "send-client-subnet: 0.0.0.0/0" to cover IPv4 also ( suggestion: document the "any address" case ) but no visible change in packet traces every time I 1. restart unbound 2. capture any traffic on Port 53 3. send a query "dig @resolver google.com. ns" 4. stop & inspect the trace Andreas
