[Unbound-users] stub-zone reverse problem
john
lists at cloned.org.uk
Tue Jan 26 17:58:39 UTC 2010
Hi,
I run unbound as a resolver and I've configured it with a stub zone for
reverse DNS on a local subnet we use internally, however it doesn't seem
to send the requests for the zone to the IP specified in the sub-zone
config. I looked in the archives and found someone else with a similar
problem:
http://www.unbound.net/pipermail/unbound-users/2009-May/000583.html
The solution there also works for me. Before this, I had configured
unbound with:
stub-zone:
name: "10.10.10.in-addr.arpa."
stub-addr: a.b.c.d
and with that config I get an answer like this from unbound:
; <<>> DiG 9.5.1-P3 <<>> -t ns 10.10.10.in-addr.arpa. @x.x.x.x
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16381
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;10.10.10.in-addr.arpa. IN NS
;; AUTHORITY SECTION:
10.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800
If I then apply the 'fix' from the post above:
"local-zone: "10.in-addr.arpa." nodefault"
It answers correctly with the details from the server specified in the
stub address.
I am not serving any zones from unbound- it is acting purely as a resolver
so this seems like unbound is serving the 10.in-addr.arpa. authority bit
when it hasn't been configured to do so. Any ideas why it's doing this?
I'm using the Debian Lenny package (1.0.2-1+lenny1) on this box, but it
seems to do the same with 1.4.1 built from source.
john
More information about the Unbound-users
mailing list