Naked/apex/bare domain entry in Unbound breaks MX lookup

wessel

Hi,

If I add a naked domain entry in the DNS Resolver (pfsense 2.2.6) the MX lookups for that domain seem to fail.

I added an entry without host and with domain + internal ip via the DNS Resolver: Edit host menu.
(I also tried it with only adding a the lines  server:  local-data: "domain.net. IN A internal.ip.address" in the advanced part)

If I do a
  dig @pfsenseip  domain.net
it resolves correctly.

Now
  dig @pfsenseip  domain.net mx
does not return anything anymore.

If I only add a www.domain.net with internal ip to the DNS resolver it still works.

I solved it now via the advanced part:
server:
local-data: "domain.net.. IN A internal.ip.address"
local-data: "domain.net..    IN      MX      10 aspmx2.googlemail.com."
local-data: "domain.net..    IN      MX      1 aspmx.l.google.com."
local-data: "domain.net..    IN      MX      5 alt2.aspmx.l.google.com."
local-data: "domain.net..    IN      MX      10 aspmx3.googlemail.com."
local-data: "domain.net..    IN      MX      5 alt1.aspmx.l.google.com."

Now both:
  dig @pfsenseip  domain.net
  dig @pfsenseip  domain.net mx

work. But this is less optimal because now I have to places to maintain the MX records.

Any suggestions?

Is it a bug in unbound?

Thanks, Wessel