Can I tell unbound to forward all requests except for some domains?

Gerben Wierda gerben.wierda at rna.nl
Sat Mar 5 02:14:49 UTC 2022 

Yes, that is what I thought a while back, so I decided at the time to test with this:

forward-zone:
       name: "apple.com."
       forward-addr: 8.8.8.8 at 53 # testing if I can forward based on fqdn

forward-zone:
        name: "."
        # If the forwarding fails, do your own recursion
        forward-first: yes
        # Quad9 phising/malware site blocking DNS 9.9.9.9
        forward-addr: 9.9.9.9

to see if that worked, but all the request kept being forwarded to 9.9.9.9 at the time. I gave up at the time (for another reason) but now I need it again.

Gerben Wierda (LinkedIn <https://www.linkedin.com/in/gerbenwierda>)
R&A IT Strategy <https://ea.rna.nl/> (main site)
Book: Chess and the Art of Enterprise Architecture <https://ea.rna.nl/the-book/>
Book: Mastering ArchiMate <https://ea.rna.nl/the-book-edition-iii/>

> On 5 Mar 2022, at 03:03, Steven Wills <steven at swills.me> wrote:
> 
> Hello,
> 
> I think what you want is a Forward Zone.
> 
> 
> https://docs.netgate.com/tnsr/en/latest/dns/fwd-zone.html <https://docs.netgate.com/tnsr/en/latest/dns/fwd-zone.html>
> 
> Thank you,
> Steven
> 
> 
> 
> 
> 
> 
> -------- Original Message --------
> On Mar 4, 2022, 19:36, Gerben Wierda via Unbound-users < unbound-users at lists.nlnetlabs.nl> wrote:
> 
> I am using unbound and it is configured to use cloud9 as a forwarder.
> 
> But spamhaus.org <http://spamhaus.org/> DNSBL will not answer requests for IP addresses from public DNS, such as cloud9.
> 
> So, what I would like to do is configure unbound in such a way that it always goes to cloud9, except when the query is about spamhaus.org <http://spamhaus.org/>. Can I do that?
> 
> If that is not possible, I would like to configure unbound that is forwards everything to cloud9, unless it comes from a specific set of local IP addresses. Is that possible?
> 
> Thanks,
> 
> Gerben Wierda (LinkedIn <https://www.linkedin.com/in/gerbenwierda>)
> R&A IT Strategy <https://ea.rna.nl/> (main site)
> Book: Chess and the Art of Enterprise Architecture <https://ea.rna.nl/the-book/>
> Book: Mastering ArchiMate <https://ea.rna.nl/the-book-edition-iii/>
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20220305/a5d06517/attachment-0001.htm>

More information about the Unbound-users mailing list