Maintained by: NLnet Labs

[Unbound-users] per-forwarder source address?

lst_hoe02 at kwsoft.de
Fri Mar 23 16:09:23 CET 2012


Zitat von Michael Tokarev <mjt at tls.msk.ru>:

> Hello.
>
> I've a multi-homed host here, in DMZ, with unbound
> running on it.  The internal network has its own
> auth nameservers and its own domain names.  The
> host in question has regular externally-accessible
> IP addresses (several) and 192.168.* addresses for
> access of internal LAN.
>
> And the issue I'm seeing is - unability to configure
> "regular" outgoing address (outgoing-interface) which
> should be one of these external IPs, together with
> using one of internal addresses when contacting the
> forwarders.
>
> I wonder if something like this:
>
> forward-zone:
>  name: "foo.example.com"
>  forward-address 192.168.1.2 at 53:192.168.1.1
>
> may help?  Or alternatively, even an additional
> section like
>
> server:
>  name: "internal-resolver"
>  address: 192.168.1.2 at 53
>  outgoing-interface: 192.168.1.1
> forward-zone:
>  name: "foo.example.com"
>  forward-server: internal-resolver
>
> is worth to implement?
>
> The same applies to nsd but at different "angle",
> I'll post a separate message there...
>
> Thanks!
>
> /mjt

Not sure if i have understand it, but looks like a similar issue here:

http://unbound.net/pipermail/unbound-users/2009-February/000448.html

Regards

Andreas