It’s just to report back this issue about DNSSEC, when 18.104.22.168 is used with DNSSEC some domain are not resolved (works with other providers) namely this domain watchub.pw does not work when DNSSEC is enabled.
How to reproduce :
- Unbound on 127.0.0.1 with 22.214.171.124 upstream
- DNSSEC enabled on unbound (https://nlnetlabs.nl/documentation/unbound/howto-anchor/)
[[email protected]]# nslookup watchub.pw
** server can’t find watchub.pw: SERVFAIL
I just solved this by adding an other provider, and posted here to let you know