
There is a public domain registered by somebody on the Internet. Let's say "example.com".

I need my Unbound server to be partially authoritative for the zone "example.com" for my internal client servers.

I want Unbound to serve the following records to my internal client servers whenever they ask for them.

  • test1.example.com. A 192.168.0.1
  • test2.example.com. A 192.168.0.2
  • test3.example.com. A 192.168.0.3

However, whenever a query arrives for a different record (let's say "www.example.com"), I want Unbound to do the normal DNS recursive resolving process on the Internet.

I want to do this via the auth-zone section because I already have the "example.com" zone on an Authoritative DNS server. I successfully perform a zone transfer and Unbound has those 3 records and provides answers for them. However, whenever I try to ask it for "www.example.com" it doesn't want to do the normal DNS recursive resolving process on the Internet and doesn't return an answer.

auth-zone:
  name: example.com
  master: <<My_Master>>
  allow-notify: <<My_Master>>
  fallback-enabled: yes
  for-downstream: no
  for-upstream: yes

Unbound doesn't seem to comply with what its documentation says.

I tried all combinations of (fallback-enabled, for-downstream, for-upstream) and none of them work.

Any ideas?

OS: CentOS 7.6

Unbound version: 1.9.0

Erica993

0 Answers
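
An added example, not part of the original question and not Unbound project code: Unbound's `local-zone` type `transparent` answers names that have `local-data` and resolves every other name in the zone recursively, so this script converts the address records of a zone file into such lines as an alternative to `auth-zone`. The function names and the sample zone text (its SOA and NS values included) are constructed for illustration.

```python
import ipaddress

# Constructed sample zone text; the three A records are those from the question.
SAMPLE_ZONE = """\
$ORIGIN example.com.
@      3600 IN SOA ns1 hostmaster 1 7200 900 1209600 300
@      3600 IN NS  ns1
test1  300  IN A   192.168.0.1
test2       IN A   192.168.0.2
test3.example.com. 300 IN A 192.168.0.3
"""

def fqdn(name, origin):
    """Expand "@" or a relative owner name against the current origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def to_local_data(zone_text, zone, keep=("A", "AAAA")):
    """Return unbound.conf lines overriding only the address records found."""
    zone = zone.rstrip(".").lower() + "."
    cur = owner = zone
    out = ["server:", f'  local-zone: "{zone}" transparent']
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]              # drop comments
        tok = line.split()
        if not tok:
            continue
        if tok[0].startswith("$"):               # $ORIGIN / $TTL directives
            if tok[0].upper() == "$ORIGIN" and len(tok) > 1:
                cur = tok[1].lower()
            continue
        if not line[0].isspace():                # a blank owner repeats the last one
            owner = fqdn(tok.pop(0).lower(), cur)
        while tok and (tok[0].isdigit() or tok[0].upper() == "IN"):
            tok.pop(0)                           # optional TTL and class
        if len(tok) < 2 or tok[0].upper() not in keep:
            continue                             # SOA, NS, MX ... are not overridden
        rtype, addr = tok[0].upper(), tok[1]
        if ipaddress.ip_address(addr).version != (4 if rtype == "A" else 6):
            raise ValueError(f"{rtype} record with wrong address family: {addr}")
        if '"' in owner or not ("." + owner).endswith("." + zone):
            continue                             # out-of-zone or unquotable owner
        out.append(f'  local-data: "{owner} {rtype} {addr}"')
    return out

if __name__ == "__main__":
    print("\n".join(to_local_data(SAMPLE_ZONE, "example.com")))
```

With a `transparent` zone, a name that has `local-data` returns NODATA for record types not listed for it, so every type needed for an overridden name has to be included.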