[solved] Unbound doesn’t resolve static leases (take 2)

Hmm, I thought I needed to add a forward-zone and did so via luci; turns out I was wrong, since the "dnsmasq" link option probably takes care of that.

However I noticed that this implicit zone definition uses "forward-addr" while my expllcit zone uses "forward-host".

Anyhow, it still doesn't work: with "forward-host" I get a SERVFAIL, whereas "forward-addr" gives me NXDOMAIN because it goes straight to root: even considering an earlier post on host vs domain, I still get no reply for both static addresses (config domain) and static leases (config host)

@anomeome here is the unbound.conf file, with masked data:
(I started masking it before testing, never mind the timestamp)

unbound.conf
# /var/lib/unbound/unbound.conf generated by UCI 2020-03-30T11:09:25+0000
# /var/lib/unbound/server.conf.tmp generated by UCI 2020-03-30T11:09:25+0000
server:
  username: unbound
  chroot: /var/lib/unbound
  directory: /var/lib/unbound
  pidfile: /var/run/unbound.pid
  tls-cert-bundle: /var/lib/unbound/ca-certificates.crt

  num-threads: 1
  msg-cache-slabs: 1
  rrset-cache-slabs: 1
  infra-cache-slabs: 1
  key-cache-slabs: 1

  use-syslog: yes
  statistics-interval: 0
  statistics-cumulative: no
  verbosity: 1
  extended-statistics: no

  edns-buffer-size: 1280
  port: 53
  outgoing-port-permit: 10240-65535
  interface: 0.0.0.0
  interface: ::0

  module-config: "iterator"

  cache-min-ttl: 120
  cache-max-ttl: 72000
  val-bogus-ttl: 300
  infra-host-ttl: 900

  hide-identity: yes
  hide-version: yes

  private-address: 10.0.0.0/8
  private-address: 100.64.0.0/10
  private-address: 169.254.0.0/16
  private-address: 172.16.0.0/12
  private-address: 192.168.0.0/16
  private-address: fc00::/7
  private-address: fe80::/10

  access-control: LAN/24 allow
  access-control: xxxx:yyyy:zzzz:2::c0:fefe/64 allow
  access-control: aaaa:bbbb:cccc:2::c0:fefe/64 allow
  access-control: WAN/32 allow
  access-control: MODEM/24 allow
  access-control: GUEST/24 allow
  access-control: xxxx:yyyy:zzzz:3::c0:fefe/64 allow
  access-control: aaaa:bbbb:cccc:3::c0:fefe/64 allow
  access-control: HE_NET/64 allow
  access-control: 127.0.0.0/8 allow
  access-control: ::1/128 allow
  access-control: fe80::/10 allow

# /var/lib/unbound/host.conf.tmp generated by UCI 2020-03-30T11:09:25+0000
# Local zone is handled by dnsmasq

# /var/lib/unbound/dnsmasq_srv.conf.tmp generated by UCI 2020-03-30T11:09:25+0000
  do-not-query-localhost: no

  domain-insecure: localdomain,192.168.0.0/16
  private-domain: localdomain,192.168.0.0/16
  local-zone: localdomain,192.168.0.0/16 transparent

  domain-insecure: REVLAN.in-addr.arpa
  private-domain: REVLAN.in-addr.arpa
  local-zone: REVLAN.in-addr.arpa transparent

  domain-insecure: REVLAN6.ip6.arpa
  private-domain: REVLAN6.ip6.arpa
  local-zone: REVLAN6.ip6.arpa transparent

  domain-insecure: REVULALAN.ip6.arpa
  private-domain: REVULALAN.ip6.arpa
  local-zone: REVULALAN.ip6.arpa transparent

  domain-insecure: REVGUEST.in-addr.arpa
  private-domain: REVGUEST.in-addr.arpa
  local-zone: REVGUEST.in-addr.arpa transparent

  domain-insecure: REVGUEST6.ip6.arpa
  private-domain: REVGUEST6.ip6.arpa
  local-zone: REVGUEST6.ip6.arpa transparent

  domain-insecure: REVULAGUEST.ip6.arpa
  private-domain: REVULAGUEST.ip6.arpa
  local-zone: REVULAGUEST.ip6.arpa transparent
	
include: /var/lib/unbound/unbound_srv.conf

# /var/lib/unbound/zone.conf.tmp generated by UCI 2020-03-30T11:09:24+0000
# /var/lib/unbound/ctrl.conf.tmp generated by UCI 2020-03-30T11:09:25+0000
# /var/lib/unbound/dnsmasq_ext.conf.tmp generated by UCI 2020-03-30T11:09:25+0000
forward-zone:
  name: localdomain,192.168.0.0/16
  forward-first: no
  forward-addr: 127.0.0.1@1053

forward-zone:
  name: REVLAN.in-addr.arpa
  forward-first: no
  forward-addr: 127.0.0.1@1053

forward-zone:
  name: REVLAN6.ip6.arpa
  forward-first: no
  forward-addr: 127.0.0.1@1053

forward-zone:
  name: REVULALAN.ip6.arpa
  forward-first: no
  forward-addr: 127.0.0.1@1053

forward-zone:
  name: REVGUEST.in-addr.arpa
  forward-first: no
  forward-addr: 127.0.0.1@1053

forward-zone:
  name: REVGUEST6.ip6.arpa
  forward-first: no
  forward-addr: 127.0.0.1@1053

forward-zone:
  name: REVULAGUEST.ip6.arpa
  forward-first: no
  forward-addr: 127.0.0.1@1053

include: /var/lib/unbound/unbound_ext.conf