PTR's for private address space

Hi,

I have the following scenario.

Unbound server on private address network (192.168) which I want to run as a local cache.

A Windows box on the same network is the only box allowed to do DNS lookups, and it also serves PTR requests for the private address range (mostly DHCP-assigned addresses).

I want the Unbound box to forward all queries to the Windows box (including reverse queries for the 192.168 range) and then cache those entries.

I have the following in place for the request forwarding

forward-zone:
  name: "."
  forward-addr:

which works for all forward lookups

When I do a reverse lookup I get the following

;; AUTHORITY SECTION:
168.192.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800

but when I query the Windows box directly I get the correct answer.

Is it possible to get Unbound to answer for the reverse entries?

Cheers,

Gareth

> Is it possible to get unbound to answer for the reverse entries ?

Methinks the following should do the trick:

forward-zone:
  name: "168.192.in-addr.arpa."
  forward-addr: <windows box>

Regards,

        -JP

Hello Gareth,

Hi JP,

I did try that but had the same problem :(

Hi Jeroen,

That did it, thanks very much :)

Cheers,

Gareth

> I believe you should add
> local-zone: 168.192.in-addr.arpa. nodefault

Sorry -- forgot to mention that.

        -JP

No Worries. All working. Thanks very much everyone.

If you're just using a /24 then changing this to something like:

This "in this example anything not in 192.168.1" should more correctly
read "in this example anything not in 192.168.1 but in 192.168".

This is also useful if you use Unbound as a resolver. It will prevent
such PTR queries from being leaked to the Internet and requiring an
answer from the ARIN servers.

Chris
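
The pieces from this thread combined into one unbound.conf fragment, as an added example that is not taken from any of the posts above. The address 192.168.1.10 is a constructed placeholder for the Windows DNS server, and the 192.168.1.0/24 subnet in the commented variant is likewise an assumption.

```conf
# Added example, not from the thread.
# 192.168.1.10 is a constructed placeholder for the Windows DNS server.

server:
    # Unbound answers RFC 1918 reverse zones itself by default, which is
    # where the "SOA localhost. nobody.invalid." reply comes from.
    # Turn the built-in zone off so the forward-zone below is consulted.
    local-zone: "168.192.in-addr.arpa." nodefault

    # Variant for a single /24 (assumed here: 192.168.1.0/24). Keep the
    # built-in /16 zone and open only the subzone, so PTR queries for the
    # rest of 192.168 are still answered locally and never leave the
    # network. unbound.conf(5) says to use "transparent" for a subzone.
    # Replace the nodefault line above with:
    #   local-zone: "1.168.192.in-addr.arpa." transparent
    # and name the reverse forward-zone "1.168.192.in-addr.arpa." too.

    # Relevant only when DNSSEC validation is enabled: the private
    # reverse zone is unsigned, so mark it insecure.
    domain-insecure: "168.192.in-addr.arpa."

# Reverse lookups for the private range go to the internal server.
forward-zone:
    name: "168.192.in-addr.arpa."
    forward-addr: 192.168.1.10

# Everything else is forwarded to the same server and cached.
forward-zone:
    name: "."
    forward-addr: 192.168.1.10

# Check with:  unbound-checkconf
# Then:        dig -x <an address in the range> @<unbound address>
# The answer should be a PTR record rather than the localhost. SOA.
```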