Re: unbound resolving 10.in-addr.arpa
Without seeing your unbound.conf, any of the following configurations may be relevant. I use nodefault in conjunction with a stub zone, but per Todd's reply, transparent may be appropriate depending on your configuration: local-zone: "10.in-addr.arpa." nodefault If DNSSEC is not configured on your local domains: domain-insecure: "10.in-addr.arpa." To allow queries from localhost (regardless of using 127.0.0.1 or not): do-not-query-localhost: no On Thu, Dec 14, 2023 at 3:19 PM Todd C. Miller wrote: > On Thu, 14 Dec 2023 12:05:24 -0800, "Lyndon Nerenberg (VE7TFX/VE6BBM)" > wrote: > > > I am trying to get unbound to serve up reverse DNS for our internal > > 1918 address space. I have been going hammer and tongs at unbound.conf > > to try to make it forward requests for '*.10.in-addr.arpa.' to our > > two internal nameservers that are authoritative for the 10.in-addr.arpa > > zone. > > You haven't said what you have tried so far, but unbound will ignore > RFC 1918 PTR queries by default. You need to use things like: > > local-zone: "1.1.10.in-addr.arpa." transparent > > See the description of "transparent" in the unbound.conf manual for > more info. > > - todd > >
Re: unbound resolving 10.in-addr.arpa
Todd C. Miller writes: > local-zone: "1.1.10.in-addr.arpa." transparent That (well, a variant) was the answer. I was having a real problem wrapping my head around what 'transparent' did, so I was applying it incorrectly. Thanks for prodding me to revisit it! --lyndon
Re: unbound resolving 10.in-addr.arpa
On Thu, 14 Dec 2023 12:05:24 -0800, "Lyndon Nerenberg (VE7TFX/VE6BBM)" wrote: > I am trying to get unbound to serve up reverse DNS for our internal > 1918 address space. I have been going hammer and tongs at unbound.conf > to try to make it forward requests for '*.10.in-addr.arpa.' to our > two internal nameservers that are authoritative for the 10.in-addr.arpa > zone. You haven't said what you have tried so far, but unbound will ignore RFC 1918 PTR queries by default. You need to use things like: local-zone: "1.1.10.in-addr.arpa." transparent See the description of "transparent" in the unbound.conf manual for more info. - todd
unbound resolving 10.in-addr.arpa
I am at Witt's End. I am trying to get unbound to serve up reverse DNS for our internal 1918 address space. I have been going hammer and tongs at unbound.conf to try to make it forward requests for '*.10.in-addr.arpa.' to our two internal nameservers that are authoritative for the 10.in-addr.arpa zone. Someone, *please*, show me the light. And no, static zone files are not an option at this point. I need unbound to forward the requests as described. I really don't want to have to install named just to get this functionality. Thanks! --lyndon