Maintained by: NLnet Labs

[Unbound-users] Configuring CNAME for nosslsearch.google.com

Tobias Krais
Tue Apr 17 15:46:04 CEST 2012


Hi Phil,

> You want something like this:
> 
>  local-zone: "google.com." transparent
>  local-data: "www.google.com. 300 IN CNAME nosslsearch.google.com."

I added this and my unbound restarts correctly, but...

> ...along with the normal unbound.conf config for recursive resolution.

how can I enable recursive resolution?

Here my current unbound.conf:
-----%<-----
server:
    auto-trust-anchor-file: "/var/lib/unbound/root.key"

local-zone: "google.com." transparent
local-data: "www.google.com. 300 IN CNAME nosslsearch.google.com."
-----%<-----

> To repeat what I've said elsewhere: I think this is a bad idea, and you
> shouldn't do it. It breaks DNSSEC, and potentially other things.

I agree. But do you know a better solution for the Google CNAME
suggestion? If not: let's continue ...

Greetings,

Tobias