[Unbound-users] Forwarding requests for 10.in-addr.arpa.
W.C.A. Wijngaards
wouter at NLnetLabs.nl
Mon Apr 26 12:34:08 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
On 04/25/2010 08:07 PM, Chris Smith wrote:
> On Sat, Apr 24, 2010 at 2:58 PM, Thomas E. Spanjaard <tgen at deepbone.net> wrote:
>> I seem to be at a loss how to get requests for anything in
>> 10.in-addr.arpa. to end up at some other configured nameserver. Right
>> now I have
>> local-zone: "10.in-addr.arpa." nodefault
>> and
>> stub-zone:
>> name: "10.in-addr.arpa."
>> stub-host: 10.64.2.1
You mean stub-addr, not stub-host. Now unbound tries to resolve the
domain name '10.64.2.1', but that does not exist.
> I use a combination of:
> local-zone: "7.168.192.in-addr.arpa." transparent
> and
> stub-zone:
> name: "7.168.192.in-addr.arpa"
> stub-addr: 192.168.107.4
And you need transparent because 168.192.in-addr.arpa. is blocked by
default and the 7.168.192.in-addr.arpa. locally overrides that default.
A nodefault for the entire 168.192 range would work, but leave the rest
of 168.192 uncovered, so your current setup is best.
Best regards,
Wouter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkvViEAACgkQkDLqNwOhpPirfQCfV9NDgJkYZ5Cl42WfzCbOgJ/a
HFIAnAizD5JpqJuYgTvXfNdBQF8F7eaB
=6WpV
-----END PGP SIGNATURE-----
More information about the Unbound-users
mailing list