unbound behind NAT: Unbound must forward to a more capable name server

George Thessalonikefs george at nlnetlabs.nl
Thu Nov 28 16:27:14 UTC 2019

Something that is not clear to me:
Is the nameserver behind the NAT also reachable from outside the NAT?

-- George

On 28/11/2019 16:12, Felipe Gasper via Unbound-users wrote:
>> Le 28 nov. 2019 à 09:39, John Levine via Unbound-users <unbound-users at nlnetlabs.nl> a écrit :
>> In article <801702592.4201244.1574944721522 at mail.yahoo.com> you write:
>>> -=-=-=-=-=-
>>> My understanding is that unbound can not do fully-recursive resolves.
>>> It requires a name server that is able to query the root name servers, ...
>> You are mistaken.  Unbound is a recursive resolver which can query the
>> root and other authoritative zones just fine.  It also works on networks
>> behind NAT.  If it didn't, I wouldn't be able to send this message.
> Re NAT: It’ll work for resolutions that don’t require loopback, but if an authoritative nameserver is behind the same NAT, Unbound apparently requires loopback NAT in order to query that nameserver’s domains because there’s no way to teach the resolver to do NAT translation via unbound.conf.
> -F

More information about the Unbound-users mailing list