Maintained by: NLnet Labs

Resolve dependent on source IP of request?

Leo Krüger
Mon Oct 3 22:02:54 CEST 2016


Hi Ralph,

thanks for the quick response. Works for me now.

Kind regards
Leo

Am 03.10.2016 um 15:36 schrieb Ralph Dolmans via Unbound-users:
> Hi Leo,
> 
> access-control-tag-data is what you are looking for. Data specified
> there will only be used when the local-zone and acl entry matches the tag.
> 
> So, for example:
> 
> define-tag: "foo bar"
> local-zone: "example." redirect
> local-zone-tag: "example." "foo bar"
> 
> access-control-tag: 10.10.10.10/32 "foo"
> access-control-tag: 10.10.10.20/32 "bar"
> access-control-tag-data: 10.10.10.10/32 "foo1" 'TXT "foo data"'
> access-control-tag-data: 10.10.10.20/32 "foo2" 'TXT "bar data"'
> 
> Regards,
> -- Ralph
> 
> On 03-10-16 01:28, Leo Krüger via Unbound-users wrote:
>> Hi everybody,
>>
>> we have a use-case where it is necessary that requests from several IP
>> networks are handled differently. Depending on the network the
>> requesting IP is from, requests for a specific zone should be answered
>> differently.
>>
>> I already had a look at the config options local-data, local-zone,
>> local-zone-tag, access-control-tag, access-control-tag-action and
>> access-control-tag-data.
>>
>> For the last three it seems as if it is not possible to set redirect
>> data for a specific zone, but only for all queries. For the first three
>> it does not seem to be possible to define one zone with different
>> content depending on the tag.
>>
>> Is it even possible to configure unbound in the way needed for our use-case?
>>
>> I would really appreciate your help!
>> Kind regards,
>> Leo
>>