Configuration issue

Aggelos Kanarelis Aggelos.Kanarelis at
Mon Nov 27 13:42:47 UTC 2017

I don't think this is working

nslookup unboundIP
Server:  UnKnown
Address:  unbound IP

Non-authoritative answer:
Addresses:  2a03:2880:f101:83:face:b00c:0:25de

I run an unbound-control reload before to read the config file again and flush the cache.

What if I create a wildcard forward zone and send it to something like

Aggelos Kanarelis
Systems Engineer

Arts Alliance Media Ltd
T:  +44 (0)20 7751 7525 / M: +44 (0) 7809427708
Aggelos.kanarelis at

Landmark House
Hammersmith Bridge Road
London W6 9EJ

Follow us on  Twitter / Facebook / LinkedIn

-----Original Message-----
From: Sonic [mailto:sonicsmith at] 
Sent: 27 November 2017 13:26
To: Aggelos Kanarelis <Aggelos.Kanarelis at>
Cc: unbound-users at
Subject: Re: Configuration issue

On Mon, Nov 27, 2017 at 8:10 AM, Aggelos Kanarelis <Aggelos.Kanarelis at> wrote:
> Thanks for your reply, but that will only have the queries answered by a different server. I don't want them answered at all. The endpoints that will be configured with that DNS server must only be able to resolve the domains that I will specifically configure with a forward zone. Everything else must be denied, sorry if I wasn't clear enough in my initial query.
Guess I misread that. Then don't use a wildcard forward and drop the validator module from the configuration):

module-config: iterator

Then unbound can only answer the configured forwards, stub-zones, and local data.

Is that what you want?

More information about the Unbound-users mailing list