Maintained by: NLnet Labs

[Unbound-users] Source based access control in unbound?

Valentin Bud
Fri Dec 14 11:59:21 CET 2012


Hello Andrew,

On Fri, Dec 14, 2012 at 01:59:46PM +0400, Andrew Savchenko wrote:
> Hello,
> 
> is there any way to use source ip based query routing in unbound?
> (In other words I want to do the same as the view clause does in
> bind.)

As far as I know Unbound can't do that (by design). I might be wrong.

> 
> I want to setup unbound and nsd servers serving both public and
> private network areas so, that only selected IP pools will be able to
> resolve a private zone addresses and this zone will be non-existent
> for all other clients.
> 
> As what I've read from nsd docs, it is not capable of view clause
> functionality itself.

Neither does NSD. You might want to take a look over a thread [1] from
Unbound Users from October this year. Especially the answer of Mr. Johan
Ihrén [2]. I'd go that route.


[1]: http://unbound.nlnetlabs.nl/pipermail/unbound-users/2012-October/thread.html
[2]: http://unbound.nlnetlabs.nl/pipermail/unbound-users/2012-October/002646.html

Cheers and Goodwill,
v