Stub-zone behavior
Wouter Wijngaards
wouter at nlnetlabs.nl
Thu Feb 28 15:11:00 UTC 2019
Hi Laert,
On 2/28/19 4:03 PM, Laert Klemo via Unbound-users wrote:
> Hello,
>
> i have a situation with a stub zone domain.
This looks like a bug that was solved a couple versions ago, we had a
couple similar situations, and those bugs all got fixed. If you upgrade
to the latest version of Unbound, this problem should go away?
Best regards, Wouter
>
> domain: example.com <http://example.com>
> this domain is public also the same is used for local AD.
>
> i have unbound configured to serve local users:
> forward-zone: "." to ISP dns
> stub-zone "example.com <http://example.com>" to our internal
> authoritative server (AD/DC)
>
> also put local-domain in server section.
>
> everything works fine during the time that the AD/DC server is reachable
> from Unbound.
> all host.example.com <http://host.example.com> are returned their
> internal IP 192.168.X.X
>
> although i noticed when Unbound can not connect with AD/DC server
> the resolved IP for host.example.com <http://host.example.com> return
> their public IP (the one that have one, like mail.www. etc)
>
> is this normal ?
>
> is there any way to prevent Unbound looking up in forward zone for
> example.com <http://example.com> and to give fail or nx in case is not
> able to get response from the stub-zone server i have appointed.
>
> thank you
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20190228/13dbbed3/attachment.bin>
More information about the Unbound-users
mailing list