Maintained by: NLnet Labs

[Unbound-users] per-forwarder source address?

Michael Tokarev
Tue May 1 08:15:26 CEST 2012


Any comments on this?  I can try to implement it
but I've no idea if this is considered useful at
all.  To me it is - obviously - useful ;)

Thanks!

/mjt

On 19.03.2012 00:07, Michael Tokarev wrote:
> Hello.
> 
> I've a multi-homed host here, in DMZ, with unbound
> running on it.  The internal network has its own
> auth nameservers and its own domain names.  The
> host in question has regular externally-accessible
> IP addresses (several) and 192.168.* addresses for
> access of internal LAN.
> 
> And the issue I'm seeing is - unability to configure
> "regular" outgoing address (outgoing-interface) which
> should be one of these external IPs, together with
> using one of internal addresses when contacting the
> forwarders.
> 
> I wonder if something like this:
> 
> forward-zone:
>  name: "foo.example.com"
>  forward-address 192.168.1.2 at 53:192.168.1.1
> 
> may help?  Or alternatively, even an additional
> section like
> 
> server:
>  name: "internal-resolver"
>  address: 192.168.1.2 at 53
>  outgoing-interface: 192.168.1.1
> forward-zone:
>  name: "foo.example.com"
>  forward-server: internal-resolver
> 
> is worth to implement?
> 
> The same applies to nsd but at different "angle",
> I'll post a separate message there...
> 
> Thanks!
> 
> /mjt
> _______________________________________________
> Unbound-users mailing list
> Unbound-users at unbound.net
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users