Hi,
I have a Win10 machine running unbound v1.22 and serving as a simple DoT forwarder and as a resolver. I want to configure unbound server to act as a transparent resolver for another client machine, i.e. to provide with “A” records even if they contain private addresses. There is a [private-domain: ] setting which disables DNS Rebind protection for the specified domain and enables such answers to the client.
I made some experiments with this setting but could’t get any answer for “A” record with private address on a client machine. For example, if I try to get an answer for corp.com domain (which is a real Microsoft domain) that has “A” record 127.0.53.53, I can see an answer in nslookup on a server machine, and can’t get an answer on a client machine. I tried to use [private-domain: corp.com] and [private-domain: “.”] settings without any success. So, nslookup on a server always sees “A” records with private networks even without private-domain setting. Client machine never receives answers from unbound machine for requests which resolved to private addresses.
How to configure unbound server to provide with unfiltered answers [private-domain: “.”] to the client machine with all networks?
Thanks,
Sergey