auth-zone reverse DNS
ralph at nlnetlabs.nl
Thu Jul 11 12:05:21 UTC 2019
Yes, that works. Note that you can also use auth-zones as long as you
override the local-zone default.
On 11-07-19 14:00, Matt Schwartz via Unbound-users wrote:
> Hi Ralph,
> That's exactly what I ended up doing. I created a file to include with
> the following and it works well.
> local-zone: "0.0.10.in-addr.arpa" static
> local-data-ptr: "10.0.0.1 localhost.my.domain"
> Thanks again!
> On Thu, Jul 11, 2019 at 7:52 AM Ralph Dolmans via Unbound-users
> <unbound-users at nlnetlabs.nl <mailto:unbound-users at nlnetlabs.nl>> wrote:
> Hi Matt,
> Unbound has a default local-zone for that address range. Since
> local-zones are applied before the auth-zone this default is used for
> your query.
> You can override the default like this:
> local-zone: "0.0.10.in-addr.arpa." transparent
> -- Ralph
> On 11-07-19 12:55, Matt Schwartz via Unbound-users wrote:
> > Hi Ralph,
> > Thank you for your response. I made the changes that you
> suggested. Here
> > is what my zone declaration looks like:
> > auth-zone:
> > name: "0.0.10.in-addr.arpa."
> > zonefile: "/etc/unbound/meow.lan.rev"
> > Here is what my zone file looks like:
> > $TTL 30m
> > $ORIGIN 0.0.10.in-addr.arpa.
> > @ SOA 0.0.10.in-addr.arpa. hostmaster.meow.lan. (
> > 2019071105 ;Serial
> > 30m ;Refresh
> > 15m ;Retry
> > 4w ;Expire
> > 30m) ;Min TTL
> > @ IN NS bast.meow.lan.
> > 1 IN PTR bast.meow.lan.
> > 2 IN PTR jaguar.meow.lan.
> > 3 IN PTR ida.meow.lan.
> > 4 IN PTR ollie.meow.lan.
> > All reverse DNS queries result in an NXDOMAIN. I am sure I am doing
> > something wrong.
> > Thank you again,
> > Matt
> > On Thu, Jul 11, 2019 at 5:39 AM Ralph Dolmans via Unbound-users
> > <unbound-users at nlnetlabs.nl <mailto:unbound-users at nlnetlabs.nl>
> <mailto:unbound-users at nlnetlabs.nl
> <mailto:unbound-users at nlnetlabs.nl>>> wrote:
> > Hi Matt,
> > I assume you are querying for 184.108.40.206.in-addr.arpa, this
> domain is not
> > part of your 0.0.0.10.in-addr.arpa zone and therefore is resolved
> > without using the auth-zone.
> > Try using an auth zone for 220.127.116.11.in-addr.arpa itself, or a
> > like 10.in-addr.arpa.
> > -- Ralph
> > On 08-07-19 03:19, Matt Schwartz via Unbound-users wrote:
> > > Hello list,
> > >
> > > I have been playing with Unbound's new-ish auth-zone feature
> and it's
> > > great. However, when I set up an auth-zone for reverse DNS,
> > > returns an NXDOMAIN. Has this just not been implemented yet?
> As a
> > > work-around I've done the following inside of unbound.conf
> > >
> > > local-zone: "0.0.0.10.in-addr.arpa" transparent
> > > local-data-ptr: "10.0.0.1 myhost.mydomain"
> > >
> > > I had the following auth-zone for reverse DNS but it did not
> > > auth-zone:
> > > name: "0.0.0.10.in-addr.arpa"
> > > zonefile: /etc/unbound/myzone
> > > for-downstream: yes
> > >
> > > Thanks,
> > > Matt
More information about the Unbound-users