Maintained by: NLnet Labs

unbound not accepting a stub or forward pointing to a loopback interface.

Sonic
Sat May 21 19:39:30 CEST 2016


On Fri, May 20, 2016 at 7:13 PM, Måns Nilsson via Unbound-users
<unbound-users at unbound.net> wrote:
> Bonus question: Forward or Stub? I never really got through to understand
> the differences ;-)

Generally it's: Stub - to an authoritative server. Forward - to
another cache/resolver.

Typically, for an internal use only authoritative server, I run NSD on
an alternate port on the loopback interface:
===================
server:
       ip-address: 127.0.0.1
       port: 5353
zone:
       name: "example.org"
       zonefile: "example.org.zone"
===================

This allows Unbound to listen on port 53 and bind to the loopback
address as well as others:
===================
server:
      interface: 127.0.0.1
      interface: 192.168.1.1
      port: 53
stub-zone:
       name: "example.org"
       stub-addr: 127.0.0.1 at 5353
forward-zone:
        name: "."
        forward-addr: 8.8.8.8
        forward-addr: 8.8.4.4
===================

===================
# cat /etc/resolv.conf
domain example.org
nameserver 127.0.0.1
===================

Chris