diff --git a/inventory/base/group_vars/all.yaml b/inventory/base/group_vars/all.yaml
index f997e5050..ae170a40c 100644
--- a/inventory/base/group_vars/all.yaml
+++ b/inventory/base/group_vars/all.yaml
@@ -33,6 +33,8 @@ iptables_base_public_udp_ports: []
 iptables_extra_public_udp_ports: []
 iptables_public_udp_ports: "{{ iptables_base_public_udp_ports + iptables_extra_public_udp_ports }}"
 
+unbound_forward_zones: []
+
 # When adding new users, always pick a UID larger than the last UID, do not
 # fill in holes in the middle of the range.
 all_users:
diff --git a/inventory/service/group_vars/otc.yaml b/inventory/service/group_vars/otc.yaml
new file mode 100644
index 000000000..0c51b769f
--- /dev/null
+++ b/inventory/service/group_vars/otc.yaml
@@ -0,0 +1,4 @@
+unbound_forward_zones:
+  - name: "t-systems.com"
+    opts:
+      forward-addr: "100.125.4.25"
diff --git a/inventory/service/groups.yaml b/inventory/service/groups.yaml
index d400b9b25..0735b1a6b 100644
--- a/inventory/service/groups.yaml
+++ b/inventory/service/groups.yaml
@@ -68,6 +68,15 @@ groups:
   apimon-stg:
     - bridge.apimon.eco.tsi-dev.tsi-service.com
 
+  # OTC environment specific variables
+  otc:
+    - executor1.apimon.eco.tsi-dev.otc-service.com
+    - executor3.apimon.eco.tsi-dev.otc-service.com
+    - executor4.apimon.eco.tsi-dev.otc-service.com
+    - scheduler1.apimon.eco.tsi-dev.otc-service.com
+    - hybrid.apimon.eco.tsi-dev.otc-service.com
+    - preprod.apimon.eco.tsi-dev.otc-service.com
+
   # Where local statsd should be deployed
   statsd:
     - scheduler1.apimon.eco.tsi-dev.otc-service.com
diff --git a/playbooks/roles/base/unbound/tasks/main.yaml b/playbooks/roles/base/unbound/tasks/main.yaml
index c3e4ad7ff..3174f3088 100644
--- a/playbooks/roles/base/unbound/tasks/main.yaml
+++ b/playbooks/roles/base/unbound/tasks/main.yaml
@@ -22,6 +22,15 @@
     dest: /etc/resolv.conf
     mode: 0444
 
+- name: Write unbound forward file
+  template:
+    src: "unbound.confd.conf.j2"
+    dest: "/etc/unbound/conf.d/{{ zone.name }}.conf"
+    mode: "0644"
+  loop: "{{ unbound_forward_zones }}"
+  loop_control:
+    loop_var: "zone"
+
 - name: Enable unbound
   service:
     name: unbound
diff --git a/playbooks/roles/base/unbound/templates/unbound.confd.conf.j2 b/playbooks/roles/base/unbound/templates/unbound.confd.conf.j2
new file mode 100644
index 000000000..708c4bed4
--- /dev/null
+++ b/playbooks/roles/base/unbound/templates/unbound.confd.conf.j2
@@ -0,0 +1,6 @@
+forward-zone:
+  name: {{ zone.name }}
+{% for k, v in zone.opts.iteritems() %}
+  {{ k }}: {{ v }}
+{% endfor %}
+