forward-zone disabled in view or something equivalent?
François Lafont
francois.lafont.1978 at gmail.com
Sun Jul 6 20:19:43 UTC 2025
Hi,
I would like to known if it's possible to disable a forward-zone
for a specific view? Or if it's possible to do this in a different
way?
Let me show you a quick example with this configuration:
----------------------------------------
server:
# [...]
access-control-view: 10.111.222.0/24 myview
view:
name: myview
view-first: no
local-zone: "domain.tld." always_nxdomain
forward-zone:
name: "domain.tld."
forward-addr: A.B.C.D
forward-addr: W.X.Y.Z
----------------------------------------
There is a forward-zone in global configuration. But this forward-zone
is "disabled" for the client in myview (clients in 10.111.222.0/24).
For these clients, the zone is a "NXDOMAIN" zone.
So, in a way, the forward-zone is disabled for myview, but the forward-zone
is replaced by a NXDOMAIN. Is it possible to:
* remove the NXDOMAIN local-zone for myview,
* and allow DNS resolution in the zone "domain.tld." but without using the
forwarders. I would like that DNS resolutions in zone "domain.tld."
are made via a "classical" way (ie root DNS etc. but without using the
forward-zone).
Is it possible to do that? If not, maybe with another mechanism than view?
Thanks for your help.
--
François Lafont
More information about the Unbound-users
mailing list