(re)adding local resolver.arpa zone
Otto Retter
otto at relax.theregoesmy.email
Thu Oct 16 17:31:00 UTC 2025
Havard Eidnes via Unbound-users wrote:
> However, I am having a hard time getting my unbound 1.23.1 to
> properly load and use my own local resolver.arpa zone.
>
> # unbound-control list_local_zones
>
> says among other things
>
> service.arpa. static
> resolver.arpa. static
> test. static
>
>
> % dig @$unbound_server resolver.arpa. soa
> ...
> ;; ANSWER SECTION:
> resolver.arpa. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800
> ...
>
Hi Havard,
I think you need to set the zone to 'nodefault'. From Unbound conf
documentation:
# By default, for a number of zones a small default 'nothing here'
# reply is built-in. Query traffic is thus blocked. If you
# wish to serve such zone you can unblock them by uncommenting one
# of the nodefault statements below.
# You may also have to use domain-insecure: zone to make DNSSEC work,
# unless you have your own trust anchors for this zone.
...
# local-zone: "resolver.arpa." nodefault
...
HTH,
Otto
More information about the Unbound-users
mailing list