forward subzones for auth-zone?
Michael Tokarev
mjt at tls.msk.ru
Tue Feb 8 20:00:47 UTC 2022
Hi!
It looks like unbound, at least the one I use here (1.13.1),
can not use one zone on top of another. Or maybe I don't
understand something.
For example:
auth-zone:
name: "example.net"
zonefile: "example.net"
forward-zone:
name: "foo.example.net"
forward-addr: 127.0.0.16
with this config. querying *.foo.example.net immediately
results in NXDOMAIN, unbound does not even try to forward
name anywhere, like this:
info: auth_zone example.net. query foo.example.net. ANY, domain example.net. notexact notexist, ce example.net., rrset NULL
info: auth_zone example.net. query bar.foo.example.net. ANY, domain example.net. notexact notexist, ce example.net., rrset NULL
Is there a way to "override" part of an auth zone to another
forwarder?
It has a practical (maybe?) usage. I used unbound on a LAN for quite some
time, now I've added a windows AD domain to it, and want to forward some
subzones to the AD DC DNS server, instead of moving all DNS to AD.
Thanks!
/mjt
More information about the Unbound-users
mailing list