[Unbound-users] forward-zone & NS delegation not working as expected

Felix Schueren felix.schueren at hosteurope.de
Mon Oct 26 16:32:59 UTC 2009

We're seeing the following problematic behaviour (with 1.3.4):

  name "domain.tld"
  forward-addr: a

there exists sub.domain.tld - a DDNS subdomain with active directory
stuff. When querying a for "sub.domain.tld", it returns IN NS records
pointing to servers x, y, z.

when querying for host.sub.domain.tld, the request does NOT get sent to
x, y, z by unbound but gets forwarded to a (which does not know how to
answer the request).

The workaround is currently to setup
  name "sub.domain.tld"
  forward-addr: x
  forward-addr: y
  forward-addr: z

but that's annoying as the actual nameservers returned by a for
sub.domain.tld change sometimes, which means having to change the
unbound forward config.

Our old dnscache setup handled this configuration out of the box without
special forwarding rules for the more-specific sub.domain.tld

any thoughts?

Kind regards,


Felix Schüren
Head of Network

Host Europe GmbH - http://www.hosteurope.de
Welserstraße 14 - 51149 Köln - Germany
Telefon: 0800 467 8387 - Fax: +49 180 5 66 3233 (*)
HRB 28495 Amtsgericht Köln - USt-IdNr.: DE187370678
Uwe Braun - Alex Collins - Mark Joseph - Patrick Pulvermüller

(*) 0,14 EUR/Min. aus dem dt. Festnetz, Mobilfunkpreise ggf. abweichend

More information about the Unbound-users mailing list