Maintained by: NLnet Labs

[Unbound-users] forward-zone & NS delegation not working as expected

Felix Schueren
Mon Oct 26 17:32:59 CET 2009


We're seeing the following problematic behaviour (with 1.3.4):


a)
forward-zone:
  name "domain.tld"
  forward-addr: a

b)
there exists sub.domain.tld - a DDNS subdomain with active directory
stuff. When querying a for "sub.domain.tld", it returns IN NS records
pointing to servers x, y, z.

c)
when querying for host.sub.domain.tld, the request does NOT get sent to
x, y, z by unbound but gets forwarded to a (which does not know how to
answer the request).


The workaround is currently to setup
forward-zone:
  name "sub.domain.tld"
  forward-addr: x
  forward-addr: y
  forward-addr: z

but that's annoying as the actual nameservers returned by a for
sub.domain.tld change sometimes, which means having to change the
unbound forward config.

Our old dnscache setup handled this configuration out of the box without
special forwarding rules for the more-specific sub.domain.tld

any thoughts?

Kind regards,

Felix


-- 
Felix Schüren
Head of Network

-----------------------------------------------------------------------
Host Europe GmbH - http://www.hosteurope.de
Welserstraße 14 - 51149 Köln - Germany
Telefon: 0800 467 8387 - Fax: +49 180 5 66 3233 (*)
HRB 28495 Amtsgericht Köln - USt-IdNr.: DE187370678
Geschäftsführer:
Uwe Braun - Alex Collins - Mark Joseph - Patrick Pulvermüller

(*) 0,14 EUR/Min. aus dem dt. Festnetz, Mobilfunkpreise ggf. abweichend