Unbound unfiltered answers

[Sergey Sedov]

Hi,I have a Win10 machine running unbound v1.22 and serving as a simple DoT forwarder and as a resolver. I want to configure unbound server to act as a transparent resolver for another client machine, i.e. to provide with "A" records even if they contain private addresses. There is a [private-domain: <domain name>] setting which disables DNS Rebind protection for the specified domain and enables such answers to the client.I made some experiments with this setting but could't get any answer for "A" record with private address on a client machine. For example, if I try to get an answer for corp.com domain (which is a real Microsoft domain) that has "A" record 127.0.53.53, I can see an answer in nslookup on a server machine, and can't get an answer on a client machine. I tried to use [private-domain: corp.com] and [private-domain: "."] settings without any success. So, nslookup on a server always sees "A" records with private networks even without private-domain setting. Client machine never receives answers from unbound machine for requests which resolved to private addresses.How to configure unbound server to provide with unfiltered answers [private-domain: "."] to the client machine with all networks? Thanks,Sergey
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20241213/044d4d7b/attachment.htm>