[Unbound-users] Servers for local zones that are not signed
Eugene Crosser
crosser at average.org
Fri Jul 6 12:25:39 UTC 2012
On 07/06/2012 03:33 PM, Jan-Piet Mens wrote:
>> So unbound asks dnsmasq for the address
>> of "myhost.lan" as it is instructed by forward-zone, gets correct result (!),
>> but then marks it bogus because it cannot establish trust chain.
>
> You'll need
>
> private-domain: "lan."
> domain-insecure: "lan."
Wow, that was fast!
After also adding "do-not-query-localhost: no" (and 'local-zone:
"168.192.in-addr.arpa" nodefault' for the reverse zone) it all worked!
Thanks a lot!
Any chance to make these sort of tricks more apparent in the documentation?
Eugene
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20120706/f239b1e0/attachment.bin>
More information about the Unbound-users
mailing list