I'm making a DNS server examiner program based on example_4.c from http://www.unbound.net/documentation/libunbound-tutorial-4.html So far the examiner program 1. reads a list of hostnames (separated by newline) on stdin, 2. adds them to a queue of fixed length, 3. processes the requests in parallel, 4. output the resolving result in csv format. We have several sites around the world, and have observed that lots of hosts (derived from e.g. Quantcast[1] and Alexa[2]) fail in some of our sites, but work perfectly fine in others. (Yes, both quantcast and alexa remove the host part of the name, so a lot of sites fail. Those are removed by diffing results from our various sites.) We're thinking of maintaining lists of broken hostnames, one list per site. Based on this list, we can forward specific queries to other sites where the lookup will succeed. libunbound will accept NXDOMAIN and no data from one NS server as good answers and return them to the application, even though the other NS servers might have a proper A/CNAME answer. It depends on which server is asked/answers first. For example, two of four nameservers for telkomsel.com return no data while the other two return a proper A record: $ dig +short @ns1.telkomsel.com telkomsel.com 202.3.208.129 $ dig +short @ns2.telkomsel.com telkomsel.com 202.3.208.129 $ dig +short @ns3.telkomsel.com telkomsel.com $ dig +short @ns4.telkomsel.com telkomsel.com $ (Note that in this case, the result is not site-specific.) Is there any way (a flag or otherwise) to force libunbound to look up the hostname on all NS servers for a given domain, and report failure if there's any difference in the answers? Looking at the code and common sense, it seems there's no such feature. I could put much of that resolver logic into the frontend application, so that it would determine the NS servers of the domain, and query them all, but I'd rather try something else first. Any ideas? s [1] http://www.quantcast.com/top-sites-1 [2] http://s3.amazonaws.com/alexa-static/top-1m.csv.zip