On 14.04.19 at 12:43, Herbert Meier via Unbound-users wrote:
> Dear experts,
> I would like to configure unbound for my setup but I am totally lost with
> the terminology and the settings. Here is my setup:
> * I have a split VPN client running that forwards certain subnets to
>   the VPN server and forwards *all* DNS requests to the VPN server side
>   (I guess all subdomains of myvpn.org should be
>   answered by the DNS on the VPN server side)
> * I have a local router with domain "lan"
> * I would like to use my ISP's DNS but do caching myself (not sure if
>   the router does it)
> How could I make all this work, i.e.,
> * Forward all DNS requests for *.myvpn.org through
>   VPN

Depending on the VPN software, you can redirect DNS automatically if
running unbound locally. E.g., libreswan will automatically run
unbound-control to forward the DNS zone(s) obtained from the IKE/IPsec
VPN server, clear the cache and do the reverse on disconnect.
I used to have a patch to openvpn to do the same,
but these depend on running unbound on the device that starts the VPN
too.

> * Query the router for requests for *.lan

That could be a permanent override as people explained already. You add
it to the unbound config.

> * And use my ISP's DNS (via the router 192.168.178.1) for all other
>   queries?

That can be a simple: unbound-control forward_add "." IpOfISPNameserver
or you can add it statically in the unbound.conf file.
Paul
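
The runtime forwards described in this reply, written out as an added example that is not part of the original message and not libreswan's or openvpn's own code. The function names and the `UNBOUND_CONTROL` override are hypothetical, and it assumes unbound runs locally with remote control enabled for `unbound-control`.

```shell
#!/bin/sh
# Split-DNS helper for a local unbound instance (added example).
# UNBOUND_CONTROL is a hypothetical override, e.g. "echo" for a dry run.
UNBOUND_CONTROL="${UNBOUND_CONTROL:-unbound-control}"

# Zone names and resolver addresses pushed by a VPN server are untrusted:
# accept only plain DNS-name / IP-address characters and no leading "-".
valid_name() { case "$1" in ''|-*|*[!A-Za-z0-9.-]*) return 1 ;; esac; }
valid_addr() { case "$1" in ''|-*|*[!0-9A-Fa-f:.]*) return 1 ;; esac; }

# vpn_dns up <zone> <resolver-ip>   (call from the VPN "up" hook)
# vpn_dns down <zone>               (call from the VPN "down" hook)
vpn_dns() {
    action="$1"; zone="$2"; addr="$3"
    valid_name "$zone" || { echo "bad zone: $zone" >&2; return 2; }
    case "$action" in
    up)
        valid_addr "$addr" || { echo "bad address: $addr" >&2; return 2; }
        # +i also marks the zone domain-insecure, since internal zones
        # are usually unsigned and would otherwise fail validation.
        $UNBOUND_CONTROL forward_add +i "$zone" "$addr" || return 1
        ;;
    down)
        $UNBOUND_CONTROL forward_remove +i "$zone" || return 1
        ;;
    *)
        echo "usage: vpn_dns up|down zone [addr]" >&2; return 2
        ;;
    esac
    # Drop answers cached via the previous path so stale data is not served.
    $UNBOUND_CONTROL flush_zone "$zone" && $UNBOUND_CONTROL flush_requestlist
}

# static_forwards <router-ip>: send "lan" and all other names to the router.
static_forwards() {
    valid_addr "$1" || { echo "bad address: $1" >&2; return 2; }
    $UNBOUND_CONTROL forward_add +i lan "$1" &&
        $UNBOUND_CONTROL forward_add . "$1"
}
```

Forwards added through `unbound-control` exist only in the running server, so the `lan` and `.` entries are the ones to move into unbound.conf as static forward zones.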