Stub-zone behavior

Laert Klemo k.laert at gmail.com
Thu Feb 28 15:03:49 UTC 2019


Hello,

i have a situation with a stub zone domain.

domain: example.com
this domain is public also the same is used for local AD.

i have unbound configured to serve local users:
forward-zone: "." to ISP dns
stub-zone "example.com" to our internal authoritative server (AD/DC)

also put local-domain in server section.

everything works fine during the time that the AD/DC server is reachable
from Unbound.
all  host.example.com are returned their internal IP 192.168.X.X

although i noticed when Unbound can not connect with AD/DC server
the resolved IP for host.example.com return their public IP (the one that
have one, like mail.www. etc)

is this normal ?

is there any way to prevent Unbound looking up in forward zone for
example.com and to give fail or nx in case is not able to get response from
the stub-zone server i have appointed.

thank you
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20190228/87f98273/attachment.htm>


More information about the Unbound-users mailing list