Forward zones and recusion
Patrik Lundin
patrik at sigterm.se
Thu Jun 6 21:48:39 UTC 2019
On Thu, Jun 06, 2019 at 02:54:35PM +0000, Jaap Winius via Unbound-users wrote:
>
> Hi folks,
>
> Apparently, if a forward zone is added to Unbound, the servers defined in
> that statement must support recursion to other name servers, although I
> assume that's only the case if the zone includes glue records.
>
> Originally, my idea was to follow best practices and disable recursion on
> our (internal) authoritative name servers, while keeping the number of
> forward zones in the Unbound configuration to a minimum, hoping that Unbound
> would follow the glue records to the correct name servers and resolve all of
> the client queries anyway. But, now it looks like that boat was never going
> to sail. Strange, because Unbound does does do this kind of recursion for
> names out on the Internet.
>
> Can anyone explain why Unbound has this limitation? Is it the same for BIND?
>
Are you sure forward-zone is what you want? It sounds to me like
stub-zone is more fitting for your needs.
--
Patrik Lundin
More information about the Unbound-users
mailing list