auth-zone and CNAME record...still not working?
ralph at nlnetlabs.nl
Thu Mar 29 14:43:29 UTC 2018
Not sure what this classical handicap is, but why wouldn't you use
local-data here? This should do the trick:
local-zone: "git.internalzone.io" redirect
local-data: "git.internalzone.io. CNAME git.realzone.com."
On 29-03-18 16:03, jpdolz via Unbound-users wrote:
> Hello guys,
> this week I've been playing with the new "auth-zone" feature of 1.7
> version, trying to fix the "classical" handicap with the CNAME record.
> Having a look to the documentation and to the mailing list I understood
> that using the new feature we'd finally have an "authoritative" DNS
> server and then we'd be able to use a functional CNAME record (
> resolving the IP behind the name )
> But, fiasco, that never happened :-(
> Here I put my configuration for the unbound.conf file and also the
> definition of the zone used:
>>>>> internalzone-file <<<<
> internalzone.io <http://internalzone.io/>. SOA ns.internalzone.io
> <http://ns.internalzone.io/>. hostmaster.internalzone.io
> <http://hostmaster.internalzone.io/>. (
> 1998092901 ; Serial number
> 60 ; Refresh 1 minute
> 1800 ; Retry 30 minutes
> 3600000 ; Expire 41.67 days
> 172800 ) ; Minimum TTL 2 days
> internalzone.io <http://internalzone.io/>. NS
> ns.internalzone.io <http://ns.internalzone.io/>.
> internalzone.io <http://internalzone.io/>. A 192.168.0.2
> git.internalzone.io <http://git.internalzone.io/>. CNAME
> git.realzone.com <http://git.realzone.com/>.
>>>>> unbound.conf <<<<
> name: "realzone.com <http://realzone.com/>"
> stub-host: ns-XXXX.awsdns-YY.co.uk <http://ns-xxxx.awsdns-yy.co.uk/>.
> name: "internalzone.io <http://internalzone.io/>"
> zonefile: internalzone.file
> Of course, I tried all the possible combinations
> with *for-upstream *and* **for-downstream *and nor didn't work.
> Please, if anyone knows a way to do it just using unbound I'd be very
> happy, if not, it would be super useful to have a clear answer about the
> no feasibility to get the required scenario working.
> Thanks in advance!!!!
More information about the Unbound-users