forwardonly

richard lucassen mailinglists at lucassen.org
Wed Jan 19 20:38:55 UTC 2022


Hello list,

Something that the manpage does not mention when unbound is used as
a caching forwardonly server:

forward-zone:
    name: .
    forward-addr: 1.1.1.1
    forward-addr: 8.8.8.8
    forward-addr: 8.8.4.4
    forward-addr: 9.9.9.9

Using this config, I see traffic go to 1.1.1.1 and 8.8.8.8, but nothing
to 8.8.4.4 and 9.9.9.9. The manpage says:

There may be multiple forward-zone: clauses. Each with a name: and zero
or more hostnames or IP addresses. For the forward zone this
list of nameservers is used to forward the queries to. The servers
listed as forward-host: and forward-addr: have to handle further
recursion for the query.

What I see using tcpdump is that the first two entries are used in more
or less a round-robin manner. And probably (I guess) the 3rd and 4th
entries are used when the first two nameservers fail.

Is that assumption correct? Can anyone shine a light on this matter?

BTW: what is the reason that a forward zone can have zero entries?
Is it used to blackhole a particular zone?

R.

-- 
richard lucassen
http://contact.xaq.nl/

