Help forwarding PTR queries from Unbound to Knot DNS
April Conger
april at econger.com
Fri Oct 4 20:49:46 UTC 2024
Hi all,
I'm setting up Unbound in my home lab and am having trouble forwarding PTR
queries to my Knot DNS server. My A queries for `econger.net` work fine,
but reverse lookups for the 10.0.0.0/24 range appear to follow the normal
recursion path to the root servers, as indicated by my query logs.
Here is my test configuration:
remote-control:
control-enable: yes
control-interface: /run/unbound.ctl
server:
verbosity: 3
log-servfail: yes
auto-trust-anchor-file: "/var/lib/unbound/root.key"
qname-minimisation: yes
interface: 10.0.0.11
access-control: 10.0.0.0/16 allow
private-address: 10.0.0.0/24
private-domain: econger.net.
private-domain: 0.0.10.in-addr.arpa.
stub-zone:
name: "econger.net."
stub-addr: 10.0.0.14
stub-zone:
name: "0.0.10.in-addr.arpa."
stub-addr: 10.0.0.14
While the econger.net stub works fine, the 0.0.10.in-addr.arpa stub does
not. I also tried configuring these as forward-zone entries using
forward-addr, but I got the same result.
Here’s the error I see during reverse lookups:
root at raspy1:/etc/unbound# nslookup 10.0.0.1 10.0.0.11
** server can't find 1.0.0.10.in-addr.arpa: NXDOMAIN
However, querying the same address directly from my Knot DNS server works
fine:
root at raspy1:/etc/unbound# nslookup 10.0.0.1 10.0.0.14
1.0.0.10.in-addr.arpa name = fw1.econger.net.
I'm using Unbound version 1.19.2-1ubuntu3.2 on Ubuntu 24.04.1 on a
Raspberry Pi 3 B+, and Knot DNS version 3.3.4-1.1build2 on the same
hardware/OS combo.
Any advice on what might be wrong or how to resolve the issue would be
greatly appreciated!
Thanks,
April
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20241004/8135f35a/attachment.htm>
More information about the Unbound-users
mailing list