Hello, So far setting up unbound has been going fine, what however is missing, is the proper configuration for the internal ptr zones. I've tried:
name: "168.192.in-addr.arpa" stub-addr: 192.168.0.53@53 ... as well as name: "0.0.168.192.in-addr.arpa" stub-addr: 192.168.0.53@53 And done the same with alternatively using forward zones. The stub/forward address is of course pointing to an internal authorative nameserver and the ptr zones have been listed as insecure domains as well. While this configuration works perfectly fine with forward zones, it does not work for reverse, any the question is: what am I missing? In fact, looking at the logs, I can see, that unbound tries to resolve those publically: unbound[1826:0] info: response for 192.168.2.10. A IN unbound[1826:0] info: reply from <.> 192.5.5.241#53 unbound[1826:0] info: query response was NXDOMAIN ANSWER unbound[1826:0] info: finishing processing for 192.168.2.10. A IN unbound[1826:0] debug: validator[module 1] operate: extstate:module_wait_module event:module_event_moddone unbound[1826:0] info: validator operate: query 192.168.2.10. A IN unbound[1826:0] info: respip operate: query 192.168.2.10. A IN unbound[1826:0] reply: 172.16.35.25 192.168.2.10. A IN NXDOMAIN 0.009302 0 116 That should not happen, so surely I have done something wrong, but as of now, the unbound.conf man page has not been helpful in this regard. Or I have misread something. Thanks for any ideas Ede
