Maintained by: NLnet Labs

Have caching mode send authoritative replies

Brad Bendy
Wed Sep 14 06:00:50 CEST 2016


HI,

Ive got Unbound setup to query a custom Python script to get DNS
queries, which works perfect and zones are returned as authoritative
with no issues.

We want to have Unbound run in front of this server as a cache server
that sends all queries to the backend Unbound server with the Python
script for obvious reasons. The problem we are running into is the
cache is not returning the aa flag on the query, even though the other
server is returning the aa flag. From what I can tell the only way
around this is to setup stub zones in the cache server so it will
answer authoritatively, is this the case?

We are trying to avoid having to touch the cache server at all when a
zone is added as that's the whole point of the Python based backend on
the other server, so it can be 100% dynamic and flexible. Is there
some way to have the cache one answer as auth and im just not seeing
it somewhere?

We are just doing the below to have the cache talk to the Python/auth server.
forward-zone:
       name: "."
       forward-addr:x.x.y.z

Thanks