Configuration issue
Aggelos Kanarelis
Aggelos.Kanarelis at artsalliancemedia.com
Mon Nov 27 13:42:47 UTC 2017
I don't think this is working
nslookup facebook.com unboundIP
Server: UnKnown
Address: unbound IP
Non-authoritative answer:
Name: facebook.com
Addresses: 2a03:2880:f101:83:face:b00c:0:25de
31.13.76.68
I run an unbound-control reload before to read the config file again and flush the cache.
What if I create a wildcard forward zone and send it to something like i.am.not.resolving.this.net?
Aggelos Kanarelis
Systems Engineer
Arts Alliance Media Ltd
T: +44 (0)20 7751 7525 / M: +44 (0) 7809427708
Aggelos.kanarelis at artsalliancemedia.com
www.artsalliancemedia.com
Landmark House
Hammersmith Bridge Road
London W6 9EJ
Follow us on Twitter / Facebook / LinkedIn
-----Original Message-----
From: Sonic [mailto:sonicsmith at gmail.com]
Sent: 27 November 2017 13:26
To: Aggelos Kanarelis <Aggelos.Kanarelis at artsalliancemedia.com>
Cc: unbound-users at unbound.net
Subject: Re: Configuration issue
On Mon, Nov 27, 2017 at 8:10 AM, Aggelos Kanarelis <Aggelos.Kanarelis at artsalliancemedia.com> wrote:
>
> Thanks for your reply, but that will only have the queries answered by a different server. I don't want them answered at all. The endpoints that will be configured with that DNS server must only be able to resolve the domains that I will specifically configure with a forward zone. Everything else must be denied, sorry if I wasn't clear enough in my initial query.
>
Guess I misread that. Then don't use a wildcard forward and drop the validator module from the configuration):
module-config: iterator
Then unbound can only answer the configured forwards, stub-zones, and local data.
Is that what you want?
More information about the Unbound-users
mailing list