On Thu, Jun 06, 2019 at 02:54:35PM +0000, Jaap Winius via Unbound-users wrote: > > Hi folks, > > Apparently, if a forward zone is added to Unbound, the servers defined in > that statement must support recursion to other name servers, although I > assume that's only the case if the zone includes glue records. > > Originally, my idea was to follow best practices and disable recursion on > our (internal) authoritative name servers, while keeping the number of > forward zones in the Unbound configuration to a minimum, hoping that Unbound > would follow the glue records to the correct name servers and resolve all of > the client queries anyway. But, now it looks like that boat was never going > to sail. Strange, because Unbound does does do this kind of recursion for > names out on the Internet. > > Can anyone explain why Unbound has this limitation? Is it the same for BIND? >
Are you sure forward-zone is what you want? It sounds to me like stub-zone is more fitting for your needs. -- Patrik Lundin
