[Unbound-users] reverse lookup private zone

W.C.A. Wijngaards wouter at NLnetLabs.nl
Mon May 18 12:22:04 UTC 2009

Hash: SHA1

Hi Francesc,

This should work:

	local-zone: "10.in-addr.arpa." nodefault
	name: "10.in-addr.arpa."
	stub-addr: ip-of-your-private-dns-server

Then it should do reverse lookups on your private DNS server.

The first part 'nodefault' unblocks the reverse zone (these prevent your
local data from leaking to the internet).  The stub-zone makes it ask an
ip adres of your choice for reverse resolution.

Best regards,

Francesc Guasch wrote:
> On Fri, May 15, 2009 at 02:07:46PM +0200, Stephane Bortzmeyer wrote:
>> On Thu, May 14, 2009 at 01:56:59PM +0200,
>>  Francesc Guasch <frankie at etsetb.upc.edu> wrote 
>>  a message of 42 lines which said:
>>> 	local-zone: "10.in-addr.arpa." static
>>>     local-zone: "10.in-addr.arpa. 10800 IN NS localhost."
>>> 	local-data: "10.in-addr.arpa. 10800 IN SOA private.dns.server"
>> Correct, as soon as you use a proper syntax. Unbound told you there
>> was a syntax error, just read the messages.
>> This one works for me (Unbound 1.2):
>> local-zone: "132.18.172.in-addr.arpa." static
>>         local-data: "132.18.172.in-addr.arpa. 10800 IN NS batilda.nic.fr."
>>         local-data: "132.18.172.in-addr.arpa. 10800 IN SOA bortzmeyer.nic.fr. batilda.nic.fr. 2009051500 3600 800 86400 300"
>>         local-data: " 10800 IN PTR www.unbound.net."
> Thank you very much for answering me Stephane, I've been trying but
> I still can't make it work. I guess you have two different DNS servers
> for your zone, but I have only one. The unbound server is just a
> cache from another bind server, so I'm trying this:
> local-zone: "10.in-addr.arpa." static
> local-data: "10.in-addr.arpa. 10800 IN NS my.private.dns.server"
> local-data: "10.in-addr.arpa. 10800 IN SOA my.private.dns.server my.private.dns.server  2009051500 3600 800 86400 300"
> I tried also to put NS localhost in the second line.
> I also tried to add a PTR local-zone like the NS one and some
> other random tries. Mostly I don't know what I'm doing, I just
> want a little dns proxy but I can't find a recipe for my
> requirements.
> _______________________________________________
> Unbound-users mailing list
> Unbound-users at unbound.net
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users

Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org


More information about the Unbound-users mailing list