Hi, I run unbound as a resolver and I've configured it with a stub zone for reverse DNS on a local subnet we use internally, however it doesn't seem to send the requests for the zone to the IP specified in the sub-zone config. I looked in the archives and found someone else with a similar problem: http://www.unbound.net/pipermail/unbound-users/2009-May/000583.html The solution there also works for me. Before this, I had configured unbound with: stub-zone: name: "10.10.10.in-addr.arpa." stub-addr: a.b.c.d and with that config I get an answer like this from unbound: ; <<>> DiG 9.5.1-P3 <<>> -t ns 10.10.10.in-addr.arpa. @x.x.x.x ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16381 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;10.10.10.in-addr.arpa. IN NS ;; AUTHORITY SECTION: 10.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800 If I then apply the 'fix' from the post above: "local-zone: "10.in-addr.arpa." nodefault" It answers correctly with the details from the server specified in the stub address. I am not serving any zones from unbound- it is acting purely as a resolver so this seems like unbound is serving the 10.in-addr.arpa. authority bit when it hasn't been configured to do so. Any ideas why it's doing this? I'm using the Debian Lenny package (1.0.2-1+lenny1) on this box, but it seems to do the same with 1.4.1 built from source. john