From 579e98f27ccc6055e42b461b6b57c3a75ae03ed7 Mon Sep 17 00:00:00 2001
From: Aminda Suomalainen <suomalainen+git@mikaela.info>
Date: Mon, 22 Apr 2024 07:28:55 +0300
Subject: [PATCH] unbound/well-known-dns.conf: use typetransparent so non-local
 queries won't get NODATA

---
 etc/unbound/unbound.conf.d/well-known-dns.conf | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/etc/unbound/unbound.conf.d/well-known-dns.conf b/etc/unbound/unbound.conf.d/well-known-dns.conf
index 4659f0bd..90677142 100644
--- a/etc/unbound/unbound.conf.d/well-known-dns.conf
+++ b/etc/unbound/unbound.conf.d/well-known-dns.conf
@@ -2,26 +2,31 @@
 # to send queries, even if they are queried by web browser.
 server:
 # Quad9 Secure
+	local-zone: "dns.quad9.net." typetransparent
 	local-data: "dns.quad9.net. A 9.9.9.9"
 	local-data: "dns.quad9.net. A 149.112.112.112"
 	local-data: "dns.quad9.net. AAAA 2620:fe::fe"
 	local-data: "dns.quad9.net. AAAA 2620:fe::9"
 # Quad9 No Threat Blocking
+	local-zone: "dns10.quad9.net." typetransparent
 	local-data: "dns10.quad9.net. A 9.9.9.10"
 	local-data: "dns10.quad9.net. A 149.112.112.10"
 	local-data: "dns10.quad9.net. AAAA 2620:fe::10"
 	local-data: "dns10.quad9.net. AAAA 2620:fe::fe:10"
 # Quad9 Secure + ECS
+	local-zone: "dns11.quad9.net." typetransparent
 	local-data: "dns11.quad9.net. A 9.9.9.11"
 	local-data: "dns11.quad9.net. A 149.112.112.11"
 	local-data: "dns11.quad9.net. AAAA 2620:fe::11"
 	local-data: "dns11.quad9.net. AAAA 2620:fe::fe:11"
 # Quad9 No Threat Blocking + ECS
+	local-zone: "dns12.quad9.net." typetransparent
 	local-data: "dns12.quad9.net. A 9.9.9.12"
 	local-data: "dns12.quad9.net. A 149.112.112.12"
 	local-data: "dns12.quad9.net. AAAA 2620:fe::12"
 	local-data: "dns12.quad9.net. AAAA 2620:fe::fe:12"
 # DNS0 default
+	local-zone: "dns0.eu." typetransparent
 	local-data: "dns0.eu. A 193.110.81.0"
 	local-data: "dns0.eu. A 185.253.5.0"
 	local-data: "dns0.eu. AAAA 2a0f:fc80::"
@@ -42,6 +47,7 @@ server:
 	local-data: "open.dns0.eu. AAAA 2a0f:fc80::ffff"
 	local-data: "open.dns0.eu. AAAA 2a0f:fc81::ffff"
 # Cloudflare
+	local-zone: "cloudflare-dns.com." typetransparent
 	local-data: "cloudflare-dns.com. A 1.1.1.1"
 	local-data: "cloudflare-dns.com. A 1.0.0.1"
 	local-data: "cloudflare-dns.com. AAAA 2606:4700:4700::1111"
@@ -52,14 +58,17 @@ server:
 	local-data: "security.cloudflare-dns.com. AAAA 2606:4700:4700::1112"
 	local-data: "security.cloudflare-dns.com. AAAA 2606:4700:4700::1002"
 # Mullvad ad, tracker & malware block
+	local-zone: "dns.mullvad.net." typetransparent
 	local-data: "base.dns.mullvad.net. A 194.242.2.4"
 	local-data: "base.dns.mullvad.net. AAAA 2a07:e340::4"
 # AdGuard Default
+	local-zone: "dns.adguard.com." typetransparent
 	local-data: "dns.adguard-dns.com. A 94.140.14.14"
 	local-data: "dns.adguard-dns.com. A 94.140.15.15"
 	local-data: "dns.adguard-dns.com. AAAA 2a10:50c0::ad1:ff"
 	local-data: "dns.adguard-dns.com. AAAA 2a10:50c0::ad2:ff"
 # Google DNS
+	local-zone: "dns.google." typetransparent
 	local-data: "dns.google. A 8.8.8.8"
 	local-data: "dns.google. A 8.8.4.4"
 	local-data: "dns.google. AAAA 2001:4860:4860::8888"