Forwarding requests for 10.in-addr.arpa

Thomas_E_Spanjaard · April 24, 2010, 6:58pm

I seem to be at a loss how to get requests for anything in
10.in-addr.arpa. to end up at some other configured nameserver. Right
now I have
  local-zone: "10.in-addr.arpa." nodefault
and
  stub-zone:
    name: "10.in-addr.arpa."
    stub-host: 10.64.2.1
but requests never end up on the stub-host. If I s/stub/forward/, it's
the same behaviour. What else do I need to configure to make Unbound
actually forward requests for anything in 10.in-addr.arpa. to my
nameserver of choice?

Cheers,

PaulWouters · April 25, 2010, 5:53pm

What if you add stub-prime: "no" ?

Paul

Chris_Smith · April 25, 2010, 6:07pm

I use a combination of:
local-zone: "7.168.192.in-addr.arpa." transparent
and
stub-zone:
name: "7.168.192.in-addr.arpa"
stub-addr: 192.168.107.4

Has worked fine with every version of Unbound (currently using svn
trunk) on several servers.

Chris_Smith · April 25, 2010, 8:39pm

Tested with nodefault instead of transparent - doesn't work here.

Chris

Wouter · April 26, 2010, 12:34pm

Hi,

I seem to be at a loss how to get requests for anything in
10.in-addr.arpa. to end up at some other configured nameserver. Right
now I have
       local-zone: "10.in-addr.arpa." nodefault
and
       stub-zone:
               name: "10.in-addr.arpa."
               stub-host: 10.64.2.1

You mean stub-addr, not stub-host. Now unbound tries to resolve the
domain name '10.64.2.1', but that does not exist.

I use a combination of:
local-zone: "7.168.192.in-addr.arpa." transparent
and
stub-zone:
name: "7.168.192.in-addr.arpa"
stub-addr: 192.168.107.4

And you need transparent because 168.192.in-addr.arpa. is blocked by
default and the 7.168.192.in-addr.arpa. locally overrides that default.
A nodefault for the entire 168.192 range would work, but leave the rest
of 168.192 uncovered, so your current setup is best.

Best regards,
Wouter

Thomas_E_Spanjaard · April 30, 2010, 7:23pm

W.C.A. Wijngaards wrote:

You mean stub-addr, not stub-host. Now unbound tries to resolve the
domain name '10.64.2.1', but that does not exist.

I use a combination of:
local-zone: "7.168.192.in-addr.arpa." transparent
and
stub-zone:
name: "7.168.192.in-addr.arpa"
stub-addr: 192.168.107.4

And you need transparent because 168.192.in-addr.arpa. is blocked by
default and the 7.168.192.in-addr.arpa. locally overrides that default.
A nodefault for the entire 168.192 range would work, but leave the rest
of 168.192 uncovered, so your current setup is best.

Thanks all, that worked.

Cheers,