@filippo_carletti OK I found the root cause of the issue.
However I am not sure what might be the right way to handle this.
To debug the issue I consulted the dnsmasq mailing list and I turned ON debug log queries.
What happens is that dnsmasq has 2 name servers ie(example!!!):
Due to a network issue the route to the first DNS server ie 18.104.22.168 was fine but from it to the Internet no.
So dnsmsq queires 22.214.171.124 first which is unbonud and recieves a response that the A record is blank…
It should have been a nxdomain or similar errror(this needs to be dealt withing unbound and not here)
So dnsmasq thinks he got a “good” A response but it was an empty one.
Due to this it didn’t continued to run a query against 126.96.36.199.
The real solution is to fix the unbound dns routes towards the root DNS servers but…
DNSMasq needs to be configured in such a way that if there are two DNS servers and a response is not a “valid” one it should run queries against the next server which is 188.8.131.52.
My conclusion is that a similar issue exists in other scenarios around the globe and dnsmasq logging queries property is necessary.
To turn it on I used:
mkdir /etc/e-smith/templates-custom/etc/dnsmasq.conf/ -p
echo "log-queries=extra" > /etc/e-smith/templates-custom/etc/dnsmasq.conf/90log_queries
What do you think @pike, @filippo_carletti ?