[Unbound-users] Can't get CNAME entries to resolve

M. David Peterson m.david at 3rdandurban.com
Tue Mar 3 23:34:35 UTC 2009

On Tue, Mar 3, 2009 at 1:13 AM, W.C.A. Wijngaards <wouter at nlnetlabs.nl>wrote:

> What you are running into is the fact that Unbound is not designed to be
> a full-featured *authoritative* DNS server.  It is a full featured
> *recursive* DNS server.

Yeah, I should have spent that extra five seconds to think through things a
bit before sending my query to the list. That said, you folks have been
/more/ than generous with your time. Thanks!

How to make the stub thing work.
> The idea is to use another server to be the authoritative server.  Such
> as NSD (the authoritative server made by NLnet Labs which has similar
> high performance).  You run NSD on port: 10053 with the example.net
> zone.  NSD is a good authoritative server for CNAME, DNSSEC, NSEC3, ...
> Then you provide unbound with a stub zone
> stub-zone:
>        name: "example.net"
>        stub-addr: at 10053
> You can also run the NSD server on a different computer, of course.

I wasn't aware of the existence of NSD before now. Thanks for bringing it to
my attention and for providing the above example! Will try both now.

M. David Peterson
Co-Founder & Chief Architect, 3rd&Urban, LLC
Email: m.david at 3rdandUrban.com | m.david at amp.fm
Mobile: (206) 999-0588
http://3rdandUrban.com | http://amp.fm |
http://www.oreillynet.com/pub/au/2354 |
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20090303/c129521f/attachment.htm>

More information about the Unbound-users mailing list