Maintained by: NLnet Labs

Whitelisting with local-zone + forwarding to local dns server

P T
Fri May 26 18:00:20 CEST 2017


Hey guys, was wondering if you could help me figure out how to configure
unbound.

I would like to setup whitelisting. There was a post which recommended
doing the following:

----

local-zone: "." static

local-zone: "gooddomain.com" transparent
local-zone: "anothergooddomain.com" transparent

----

That works fine. But what I also want to do is the following:

----

forward-zone:
  name: "my.local.zone"
  forward-addr: 172.16.16.1

----

When querying for a record in my.local.zone, I get NXDOMAIN, as if I failed
the whitelist "check". So it seems like the catch-all "." line in
local-zone is being evaluated before forward-zone.

Is there any way around this? If not, is there another way to do
whitelisting?

Thanks for any help!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20170526/d961e83c/attachment.html>