Stub-zone behavior

Wouter Wijngaards wouter at
Thu Feb 28 15:11:00 UTC 2019

Hi Laert,

On 2/28/19 4:03 PM, Laert Klemo via Unbound-users wrote:
> Hello,
> i have a situation with a stub zone domain. 

This looks like a bug that was solved a couple versions ago, we had a
couple similar situations, and those bugs all got fixed.  If you upgrade
to the latest version of Unbound, this problem should go away?

Best regards, Wouter

> domain: <>
> this domain is public also the same is used for local AD.
> i have unbound configured to serve local users:
> forward-zone: "." to ISP dns
> stub-zone " <>" to our internal
> authoritative server (AD/DC)
> also put local-domain in server section.
> everything works fine during the time that the AD/DC server is reachable
> from Unbound.
> all <> are returned their
> internal IP 192.168.X.X
> although i noticed when Unbound can not connect with AD/DC server 
> the resolved IP for <> return
> their public IP (the one that have one, like mail.www. etc)
> is this normal ?
> is there any way to prevent Unbound looking up in forward zone for
> <> and to give fail or nx in case is not
> able to get response from the stub-zone server i have appointed.
> thank you

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Unbound-users mailing list