[Unbound-users] local-zone transparent behavior
Paul Wouters
paul at xelerance.com
Thu Mar 18 22:10:05 UTC 2010
On Thu, 18 Mar 2010, Bryan Clay wrote:
> local-zone: foo.com transparent
> local-data: "foo.com. A 55.55.55.55"
>
> Any queries for MX or NS records on foo.com will return NOERROR/NODATA by design, even if that data exists in a
> forwarder upstream. This make me cry and I would be hugely grateful for a method, now or in a future release, for
> a way to bypass this behavior.
>
> I also recommend that this specific behavior be documented with the rest of the transparent behavior in the manual.
> It took me more than an hour to diagnose this issue. Maybe it will keep some other poor sap from going insane.
Unbound is not a authoritative nameserver, so logic for MX and/or additional data
is not really there, other then the simple "insert in cache" override you use above.
For more complicated things, use a forwarder to a local auth nameserver that has that
zone, eg:
stub-zone:
name: "foo.com."
stub-addr: 127.0.0.1 at 5353
stub-prime: "no"
Then run an auth server (nsd or bind) on port 5353 that has the zone foo.com.
Note that if you want answers that contain RFC1918 space, eg 192.168.0.0/16
you might need an additional:
local-zone: "168.192.in-addr.arpa." nodefault
Paul
More information about the Unbound-users
mailing list