I am currently on a local area network where no loopback is allowed, meaning that I cannot reach my public IP address from the local network.
Several services need to be migrated into my local area network while keeping the domain name, because we need to reach our services both from external access and also while connected locally. To achieve this, we set up an internal DNS server with Unbound. This works well with full domain names and subdomains that are known to our team.
The problem we have is that when a subdomain is unknown, we need this subdomain to resolve outside the local area network. We can achieve this by manually setting up each needed subdomain, but this is not possible because we have a lot of them now and will have more in the future.
So the question is: is it possible to make unknown subdomains reach an external DNS server, and how?
Here is the Unbound configuration:
    server:
        verbosity: 1
        interface: xxx.xxx.xxx.xxx
        port: 53
        do-ip4: yes
        do-ip6: no
        do-udp: yes
        do-tcp: yes
        access-control: xxx.xxx.xxx.xxx/24 allow
        hide-identity: yes
        hide-version: yes
        harden-glue: yes
        harden-dnssec-stripped: yes
        use-caps-for-id: yes
        do-not-query-localhost: no
        private-address: xxx.xxx.xxx.xxx/24
        private-domain: "domain.com"
        local-zone: "domain.com." static
        local-data: "local-service.domain.com. IN A xxx.xxx.xxx.xxx"
        local-data-ptr: "xxx.xxx.xxx.xxx local-service.domain.com"

    forward-zone:
        name: "domain.com"
        forward-addr: 208.67.222.220
        forward-addr: 208.67.222.222
        forward-addr: 1.1.1.1
        forward-addr: 1.0.0.1

    forward-zone:
        name: "."
        forward-addr: 208.67.222.220
        forward-addr: 208.67.222.222
        forward-addr: 1.1.1.1
        forward-addr: 1.0.0.1
Thanks!
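The behaviour described in the question comes from `local-zone: "domain.com." static`: a static local zone makes Unbound answer NXDOMAIN for every name under the zone that has no matching local-data, so the forward-zones are never consulted for unknown subdomains. The following is an added example configuration, not the poster's own, that keeps the split-horizon records in local-data and lets every other name under domain.com fall through to the upstream forwarders. The addresses 192.0.2.0/24, 192.0.2.10 and 192.0.2.53 are assumed placeholders standing in for the xxx.xxx.xxx.xxx values in the question.

```conf
# Added example, not from the original question. Placeholder addresses
# (192.0.2.0/24 LAN, 192.0.2.10 internal service, 192.0.2.53 resolver)
# are assumptions standing in for the question's xxx.xxx.xxx.xxx values.
server:
    verbosity: 1
    interface: 192.0.2.53
    port: 53
    do-ip4: yes
    do-ip6: no
    do-udp: yes
    do-tcp: yes
    access-control: 192.0.2.0/24 allow
    hide-identity: yes
    hide-version: yes
    harden-glue: yes
    harden-dnssec-stripped: yes
    use-caps-for-id: yes
    do-not-query-localhost: no

    # private-address marks the LAN range as private; private-domain whitelists
    # domain.com so upstream answers carrying those addresses are not dropped.
    private-address: 192.0.2.0/24
    private-domain: "domain.com"

    # "static" answers NXDOMAIN for any name under the zone without local-data.
    # "transparent" answers from local-data when the name matches and resolves
    # every other name normally, i.e. through the "." forward-zone below.
    local-zone: "domain.com." transparent
    local-data: "local-service.domain.com. IN A 192.0.2.10"
    local-data-ptr: "192.0.2.10 local-service.domain.com"

# A single catch-all forward-zone is enough; it covers domain.com as well,
# so the separate "domain.com" forward-zone from the question is redundant.
forward-zone:
    name: "."
    forward-addr: 208.67.222.220
    forward-addr: 208.67.222.222
    forward-addr: 1.1.1.1
    forward-addr: 1.0.0.1
```

After reloading, `unbound-checkconf` should report no errors, `dig @192.0.2.53 local-service.domain.com A` should return 192.0.2.10 from local-data, and `dig @192.0.2.53 other.domain.com A` should return whatever the public resolvers return instead of NXDOMAIN. Two caveats: because local-data wins, the public record for local-service.domain.com is never seen from the LAN, which is the intended split-horizon behaviour; and with `transparent`, a query for a name that has local-data but for a different type (for example AAAA for local-service.domain.com) gets a NOERROR/NODATA answer rather than being forwarded, whereas `local-zone: "domain.com." typetransparent` forwards such type mismatches upstream.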