Additionally to all this good advice, you can create multiple loopback interfaces if you did want to use divert-to. 'ifconfig create lo1' then you don't need to use weird ports to accomplish things.
On Wed, May 27, 2015 at 4:06 AM, Stuart Henderson <s...@spacehopper.org> wrote: > On 2015-05-26, Felipe Scarel <fbsca...@gmail.com> wrote: > > after reading some documentation on the NSD manpage and online, it > > seems there's no support for views as offered with BIND. I've gathered > > that the general suggestion is to run two separate instances (running > > on 127.0.0.1, for example), and divert traffic from pf depending on > > the connecting source-address. > > What are you using views *for*? > > If it's to present some internal-only hosts to a trusted network that > is also using you as a resolver, just use local-data entries in unbound > for internal use, and run NSD facing external hosts. Simple setup and > fairly easy to use. > > If it's something more complex (i.e. where you have other resolvers > querying you and need to present different views to these based on IP > address etc) then yes you will need two separate authoritative servers > (or you could keep using BIND for this job of course).
