Whitelisting with local-zone + forwarding to local dns server

P T m4lk4v at gmail.com
Fri May 26 16:00:20 UTC 2017


Hey guys, was wondering if you could help me figure out how to configure
unbound.

I would like to set up whitelisting. There was a post which recommended
doing the following:

----

local-zone: "." static

local-zone: "gooddomain.com" transparent
local-zone: "anothergooddomain.com" transparent

----

That works fine. But what I also want to do is the following:

----

forward-zone:
  name: "my.local.zone"
  forward-addr: 172.16.16.1

----

When querying for a record in my.local.zone, I get NXDOMAIN, as if I failed
the whitelist "check". So it seems like the catch-all "." line in
local-zone is being evaluated before forward-zone.

Is there any way around this? If not, is there another way to do
whitelisting?

Thanks for any help!
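
A lint for the situation described in this message, as an added example that is not part of the original post and is not Unbound code: it models local-zone selection as a most-specific-suffix match applied before forwarding, and reports every forward-zone name whose governing local-zone would answer the query itself. The function names, the PASS_THROUGH set and the extra transparent entry in FIXED_CONF are assumptions of this example.

```python
import re

# Constructed sample: the two snippets from the post combined into one unbound.conf.
SAMPLE_CONF = '''
server:
  local-zone: "." static
  local-zone: "gooddomain.com" transparent
  local-zone: "anothergooddomain.com" transparent
forward-zone:
  name: "my.local.zone"
  forward-addr: 172.16.16.1
'''
# Assumed fix for this example: allowlist the forwarded zone as well.
FIXED_CONF = SAMPLE_CONF.replace(
    '"." static', '"." static\n  local-zone: "my.local.zone" transparent')

# Zone types that hand a name without local-data on to normal resolution.
PASS_THROUGH = {"transparent", "typetransparent", "inform", "always_transparent"}

def labels(name):
    """Lower-cased labels of a domain name; the root is an empty list."""
    return [l for l in name.lower().rstrip(".").split(".") if l]

def parse(conf):
    """Return ({zone labels: type}, [forward-zone names]) from config text."""
    zones, forwards, clause = {}, [], None
    for line in conf.splitlines():
        m = re.match(r"\s*([a-z-]+):\s*(.*)$", line.split("#")[0].rstrip())
        if not m:
            continue
        key, val = m.groups()
        if not val:
            clause = key                      # e.g. "server", "forward-zone"
        elif key == "local-zone":
            name, ztype = val.replace('"', "").split()[:2]
            zones[tuple(labels(name))] = ztype
        elif key == "name" and clause == "forward-zone":
            forwards.append(val.strip('"'))
    return zones, forwards

def governing_zone(zones, qname):
    """Most specific local-zone covering qname, as (zone, type), else None."""
    q = labels(qname)
    for i in range(len(q) + 1):               # longest suffix first
        if tuple(q[i:]) in zones:
            return ".".join(q[i:]) or ".", zones[tuple(q[i:])]
    return None

def shadowed_forwards(conf):
    """Forward zones a non-pass-through local-zone answers before forwarding."""
    zones, forwards = parse(conf)
    hits = [(f, governing_zone(zones, f)) for f in forwards]
    return [(f, *h) for f, h in hits if h and h[1] not in PASS_THROUGH]
```

Running `shadowed_forwards` over a deployed configuration before reload lists each forward zone that the catch-all would block, together with the local-zone responsible.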