Resolve dependent on source IP of request?

Ralph Dolmans ralph at
Mon Oct 3 13:36:57 UTC 2016

Hi Leo,

access-control-tag-data is what you are looking for. Data specified
there will only be used when the local-zone and acl entry matches the tag.

So, for example:

define-tag: "foo bar"
local-zone: "example." redirect
local-zone-tag: "example." "foo bar"

access-control-tag: "foo"
access-control-tag: "bar"
access-control-tag-data: "foo1" 'TXT "foo data"'
access-control-tag-data: "foo2" 'TXT "bar data"'

-- Ralph

On 03-10-16 01:28, Leo Krüger via Unbound-users wrote:
> Hi everybody,
> we have a use-case where it is necessary that requests from several IP
> networks are handled differently. Depending on the network the
> requesting IP is from, requests for a specific zone should be answered
> differently.
> I already had a look at the config options local-data, local-zone,
> local-zone-tag, access-control-tag, access-control-tag-action and
> access-control-tag-data.
> For the last three it seems as if it is not possible to set redirect
> data for a specific zone, but only for all queries. For the first three
> it does not seem to be possible to define one zone with different
> content depending on the tag.
> Is it even possible to configure unbound in the way needed for our use-case?
> I would really appreciate your help!
> Kind regards,
> Leo

More information about the Unbound-users mailing list