<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
Unfortunately, I can't touch the client.</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
I was looking for a more regexish solution but it seems I can't use wildcards or anything like:</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<font size="2"><span style="font-size:11pt">> local-zone: .com typetransparent<br>
> local-data: "*.com ns 8.8.8.8"</span></font></div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
I saw some reference to using stub zones if I wanted regex or wildcards but I'm not sure I can do something like the override with a stub zone. If i even manage to create false NS entries via the stub zone then the actual lookups for that domain will be forwarded
to that false (and probably incorrect NS)</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
Guess, I am stuck with some sort of automation to deploy all the local data overrides i need...<br>
</div>
<div id="appendonsend"></div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Paul Vixie <paul@redbarn.org><br>
<b>Sent:</b> Monday, March 23, 2020 3:52 PM<br>
<b>To:</b> unbound-users@lists.nlnetlabs.nl <unbound-users@lists.nlnetlabs.nl><br>
<b>Cc:</b> Amir A. <thesubmitter@hotmail.com><br>
<b>Subject:</b> Re: Always Respond to NS record requests....</font>
<div> </div>
</div>
<div class="BodyFragment"><font size="2"><span style="font-size:11pt;">
<div class="PlainText">On Monday, 23 March 2020 13:53:03 UTC Amir A. via Unbound-users wrote:<br>
> Hi,<br>
> <br>
> For our purposes we need a DNS server to always respond to NS record<br>
> requests. The problem is subdomains seem not to have NS records created for<br>
> them even if the root domain as an NS record created.<br>
> <br>
> Ideally<br>
> <br>
> 1. When a client asking for the NS record of a subdomain if it doesn't<br>
> exist I want unbound to return the NS record of the APEX domain<br>
> <br>
> 2. If that doesn't work then at least return a static entry for any NS<br>
> record request of ANY domain or subdomain<br>
<br>
you seem to be asking for a protocol change. finding the closest enclosing NS <br>
RRset is not something the local server can do without searching, and right <br>
now the protocol expects that the client who needs that data will drive that <br>
searching. one way to perform that searching is res_findzonecut():<br>
<br>
<a href="http://cvsweb.netbsd.org/bsdweb.cgi/src/external/bsd/libbind/dist/resolv/">http://cvsweb.netbsd.org/bsdweb.cgi/src/external/bsd/libbind/dist/resolv/</a><br>
res_findzonecut.c?rev=1.1.1.1.14.1&content-type=text/x-cvsweb-markup<br>
<br>
> The solution I have right now is:<br>
> <br>
> local-zone: domain.com typetransparent<br>
> local-data: "app.domain.com ns 8.8.8.8"<br>
> <br>
> but that would require me to add an entry for every single "domain.com" and<br>
> "app.domain.com"<br>
> <br>
> Anybody have a better solution?<br>
<br>
teach your client how to drive the closest encloser discovery process.<br>
<br>
-- <br>
Paul<br>
<br>
<br>
</div>
</span></font></div>
</body>
</html>