There is a "forward-first:" parameter but not the opposite order. Maybe
make a feature request to deprecate "forward-first:," then replace it with
"forward-preference: {only, preferred, backup}."-Eric On Dec 19, 2017 08:44, "Ilya Evseev via Unbound-users" < [email protected]> wrote: > Hi all! > By default, Unbound DNS server works by "classic" scheme: queries root > servers, then queries NS'es for A/AAAA/... > > Sometime (rarely) connectivity between my Unbound DNS host and target zone > NS'es is failed, but target NS'es are still available from various > LookingGlasses and from Google/Level3 DNS, so "nslookup www.target.com > 8.8.8.8" and "nslookup www.target.com 4.2.2.2" returns the correct answer. > > So my question is very simple: > How to setup Unbound to use public forwarders when (and only after) direct > query to the target NS'es is failed? > > The following config works fine, but routes all queries immediately to > forwarders, ignoring target NS'es at all: > > forward-zone: > name: "." > forward-first: no > forward-addr: 8.8.8.8 > forward-addr: 4.2.2.2 > > WBR, Ilya > >
