Maintained by: NLnet Labs

[Unbound-users] forward zone vs stub

Kapetanakis Giannis
Tue Oct 23 12:17:38 CEST 2012

On 23/10/12 12:56, Johan Ihrén wrote:
> I think you need to be significantly more specific in what you're doing here.
> You have an external version of "", presumably with nameservers on the public Internet.
> You also have an internal version of "", presumably with nameservers on the inside, specifically
> Which zone file is it that contains "external authoritative DNS servers as well"?
> And if you're using views (apart from the "God help you"-part), then you need to explain that, including your matching rules and what it is that you're trying to achieve.
> Regards,
> Johan (firm believer in "DNS should be kept simple")

You're right about the views. The views are on BIND (authoritative) and 
have different data for external clients.

What I really want is my internal users to use unbound servers with the 
following options:

a) unbound should forward all requests for local zones (*, 
123.123.x.x, 10.x.x.x) to local authoritative servers (BIND)
b) the local zones should not be cached on the unbound because I want 
the updates to be automatically propagated.

In another similar setup (but with bind only) the the caching server is 
also secondary for each zone, but is not listed in the NS records.

thanks again