Maintained by: NLnet Labs

simplest way to forward to diff resolver based on src

Spike
Mon Apr 10 04:31:25 CEST 2017


Dear all,

I have a default unbound instance for the lan and I'd like to add two more
specialized ones (python scripting is involved) and direct queries to those
depending on client.

So all machines get default dns 1.1.1.1, but when queries come in on that
machine unbound would look at the src and:
- if in range 1.1.1.x just resolve it
- if in range 1.1.2.x send it to 1.1.2.1
- if in range 1.1.3.x send it to 1.1.2.3

I can't see a simple way of doing that, the forward zones seems to be based
on destination, not source, and a firewall would involve natting which
isn't great.
Also caching seems to be an issue, the fw zones are used if a response
cannot be found from cache afaik. My scenario requires that requests from
ranges 2 and 3 are never cached and requests always forwarded.

any common/clean way of doing this?

thanks,

Spike
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20170410/926fd12a/attachment.html>