Hi,
I've been looking at configuring a forward-zone: to punt
10.in-addr.arpa. to an internal server, but it seems unbound
is giving its own builtin answer:
10.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800
I've tried specifying it directly into unbound.conf:
forward-zone:
name: "10.in-addr.arpa."
forward-addr: 10.1.2.3
The man page says forward-zone is always allowed to contain private data
from RFC1918.
Am I missing something?
Paul
Paul Wouters wrote:
I've been looking at configuring a forward-zone: to punt
10.in-addr.arpa. to an internal server, but it seems unbound
is giving its own builtin answer:10.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800
I've tried specifying it directly into unbound.conf:
forward-zone:
name: "10.in-addr.arpa."
forward-addr: 10.1.2.3The man page says forward-zone is always allowed to contain private data
from RFC1918.Am I missing something?
i think you also need to turn off the builtin AS112 zone content.
something like this?
server:
local-zone: "10.in-addr.arpa" nodefault
forward-zone:
name: "10.in-addr.arpa."
forward-addr: 10.1.2.3
That changes the answer, but still not right:
. 86400 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2012092601 1800 900 604800 86400
Paul
I use "transparent" to disable the builtin AS112 functions.
server:
local-zone: "10.in-addr.arpa." transparent
aha! That works great! Thanks!
Paul