On 14.04.19 at 12:43, Herbert Meier via Unbound-users wrote:
> Dear experts,
>
> I would like to configure unbound for my setup but I am totally lost with the terminology and the settings. Here is my setup:
>
> * I have a split VPN client running that forwards certain subnets to the VPN server and forwards *all* DNS requests to the VPN server side (I guess all subdomains of myvpn.org should be answered by the DNS on the VPN server side)
> * I have a local router with domain "lan"
> * I would like to use my ISP's DNS but do caching myself (not sure if the router does it)
>
> How could I make all this work, i.e.,
>
> * Forward all DNS requests for *.myvpn.org through VPN

Depending on the VPN software, you can redirect DNS automatically if running unbound locally. E.g., libreswan will automatically run unbound-control to forward the DNS zone(s) obtained from the IKE/IPsec VPN server, clear the cache, and do the reverse on disconnect. I used to have a patch to openvpn to do the same, but these depend on running unbound on the device that starts the VPN too.

> * Query the router for requests for *.lan

That could be a permanent override as people explained already. You add it to the unbound config.

> * And use my ISP's DNS (via the router 192.168.178.1) for all other queries?

That can be a simple:

    unbound-control forward_add "." IpOfISPNameserver

or you can add it statically in the unbound.conf file.

Paul
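
The three forwarding rules discussed in this thread, written as a static unbound.conf fragment (an added example, not part of the original messages). The VPN resolver address 192.0.2.53 is a placeholder, and the `domain-insecure` lines assume DNSSEC validation is enabled.

```conf
# Added example. 192.0.2.53 is a placeholder for the VPN-side resolver;
# 192.168.178.1 is the router address given in the question.
server:
    # "lan" is not a signed public zone, so a validating unbound would
    # reject answers for it (assumes the validator module is enabled).
    domain-insecure: "lan."
    # Permit private (RFC 1918) addresses in answers for the local
    # domain; only matters if private-address: ranges are configured.
    private-domain: "lan."
    # Reverse lookups for 192.168.x.x: switch off unbound's built-in
    # empty zone so the forward-zone below is actually consulted.
    local-zone: "168.192.in-addr.arpa." nodefault
    domain-insecure: "168.192.in-addr.arpa."

# Names under myvpn.org are sent only to the VPN-side resolver.
forward-zone:
    name: "myvpn.org."
    forward-addr: 192.0.2.53
    # No fallback to normal recursion when the VPN resolver is
    # unreachable, so internal names are not sent outside the tunnel.
    forward-first: no

# Local names are answered by the router.
forward-zone:
    name: "lan."
    forward-addr: 192.168.178.1

forward-zone:
    name: "168.192.in-addr.arpa."
    forward-addr: 192.168.178.1

# Everything else goes to the ISP's DNS via the router and is cached
# locally by unbound.
forward-zone:
    name: "."
    forward-addr: 192.168.178.1
```

The `myvpn.org.` entry is the one a VPN client would otherwise add and remove at runtime through unbound-control (`forward_add`, `forward_remove`, and `flush_zone` to clear cached answers on disconnect).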
