Hello,
I am trying to achieve a somewhat custom goal: I need to use a DNS that replies to queries for several domains only. That is, I set up unbound, then add another "forward" block for every domain I need, and then I see that for these domains unbound uses the "forward" settings, but for other domains it uses the system nameservers (the ones from /etc/resolv.conf).
So the question is: how can I make unbound not use any external DNS except for the zones I set in "forward" blocks?
I understand that the main purpose of unbound is to answer any query and to try never to refuse any user query, but for now I need a very restrictive DNS resolver.
Thank you in advance for your advice!
Yours,
Alexander
Quoting Alexander Chekalin <achekalin@lazurit.com>:
> So the question is: how can I make unbound not to use any external DNS except for zones I set in "forward" blocks?
untested ideas:
forward the zone "." to
- a nonexistent server
- a server that doesn't run a nameserver
- a nameserver serving an empty zone "."
also look for "local-zone" and "local-data" in the manpage
maybe local-zone: "." refuse ???
Andreas
Hi Alexander,
> So the question is: how can I make unbound not to use any external DNS
> except for zones I set in "forward" blocks?
I suspect the following thread is of interest to you, where unbound is used
as a cache in front of a slow authoritative server. Queries for other
domains are to be refused.
https://unbound.nlnetlabs.nl/pipermail/unbound-users/2013-October/003061.html
Regards,
Yuri
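
Added example, not part of the original thread and not taken from the linked post: an unbound.conf sketch of the `local-zone: "." refuse` idea raised in the replies above, combined with per-zone "forward" blocks. The zone names, listen address and forwarder addresses are placeholders chosen for illustration.

```conf
# Constructed example: example.com / example.net and the 192.0.2.x
# forwarder addresses are placeholders, not values from the thread.
server:
    interface: 127.0.0.1
    access-control: 127.0.0.0/8 allow

    # Default policy: every name that has no more specific local-zone
    # entry is answered with rcode REFUSED and never leaves the host.
    local-zone: "." refuse

    # Exceptions: one entry per forwarded zone. "transparent" with no
    # local-data passes the query on to normal processing, which for
    # these names is the matching forward-zone below.
    local-zone: "example.com." transparent
    local-zone: "example.net." transparent

    # Note: unbound's built-in default local zones (localhost, reverse
    # zones for private address ranges) are more specific than "." and
    # keep their own behaviour.

forward-zone:
    name: "example.com."
    forward-addr: 192.0.2.53
    # Do not fall back to full recursion if the forwarder is unreachable.
    forward-first: no

forward-zone:
    name: "example.net."
    forward-addr: 192.0.2.54
    forward-first: no
```

Run `unbound-checkconf` on the file before reloading. Each new "forward" block needs a matching `transparent` line, otherwise the root `refuse` entry answers for that zone as well.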