[Unbound-users] Public stub zone
pieterennes at gmail.com
Sat Oct 19 08:24:57 UTC 2013
On 18/10/13 13:22, Yuri Schaeffer wrote:
> Hi Pieter,
> So if I read your question correctly you have
> - An authority server which has no delegation towards it.
> - your zone's NS records point to your unbound instance
>> However, I cannot find a way to expose *just* my stub-zone to the world,
>> without allowing global recursion at the same time.
> I just tried the following:
> local-zone: . refuse
> local-zone: unbound.net transparent
> name: "unbound.net"
> forward-addr: 18.104.22.168
> forward-addr: 22.214.171.124
> This would refuse any query not in the unbound.net zone. Does this work
> for you?
Your example using a forward-zone works just fine, but I tried a
stub-zone instead of a forward-zone, and ran into a segfault with that.
I chose a stub zone since I have authoritative data and the docs mention:
"If you need more complicated authoritative data [...] setup a sub-zone
for it [...]."
What is valid reasoning to choose between a forward and stub zone
statement in my case?
PS. The experimental server in question is here:
http://github.com/skion/junkdns/. It basically looks up publicsuffix.org
extensions at the moment.
More information about the Unbound-users