-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Francesc,
This should work:
server:
local-zone: "10.in-addr.arpa." nodefault
stub-zone:
name: "10.in-addr.arpa."
stub-addr: ip-of-your-private-dns-server
Then it should do reverse 10.0.0.0/8 lookups on your private DNS server.
The first part 'nodefault' unblocks the reverse zone (these prevent your
local data from leaking to the internet). The stub-zone makes it ask an
ip adres of your choice for reverse resolution.
Best regards,
Wouter
Francesc Guasch wrote:
> On Fri, May 15, 2009 at 02:07:46PM +0200, Stephane Bortzmeyer wrote:
>> On Thu, May 14, 2009 at 01:56:59PM +0200,
>> Francesc Guasch <[email protected]> wrote
>> a message of 42 lines which said:
>>
>>> local-zone: "10.in-addr.arpa." static
>>> local-zone: "10.in-addr.arpa. 10800 IN NS localhost."
>>> local-data: "10.in-addr.arpa. 10800 IN SOA private.dns.server"
>> Correct, as soon as you use a proper syntax. Unbound told you there
>> was a syntax error, just read the messages.
>>
>> This one works for me (Unbound 1.2):
>>
>> local-zone: "132.18.172.in-addr.arpa." static
>> local-data: "132.18.172.in-addr.arpa. 10800 IN NS batilda.nic.fr."
>> local-data: "132.18.172.in-addr.arpa. 10800 IN SOA
>> bortzmeyer.nic.fr. batilda.nic.fr. 2009051500 3600 800 86400 300"
>> local-data: "2.132.18.172.in-addr.arpa. 10800 IN PTR
>> www.unbound.net."
>
> Thank you very much for answering me Stephane, I've been trying but
> I still can't make it work. I guess you have two different DNS servers
> for your zone, but I have only one. The unbound server is just a
> cache from another bind server, so I'm trying this:
>
> local-zone: "10.in-addr.arpa." static
> local-data: "10.in-addr.arpa. 10800 IN NS my.private.dns.server"
> local-data: "10.in-addr.arpa. 10800 IN SOA my.private.dns.server
> my.private.dns.server 2009051500 3600 800 86400 300"
>
>
> I tried also to put NS localhost in the second line.
> I also tried to add a PTR local-zone like the NS one and some
> other random tries. Mostly I don't know what I'm doing, I just
> want a little dns proxy but I can't find a recipe for my
> requirements.
>
> _______________________________________________
> Unbound-users mailing list
> [email protected]
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkoRUusACgkQkDLqNwOhpPgBTwCePAiUANmg/Ck6QltoOYXmElAj
vVAAoJkcpsjgHQqtdo1wE89p42aUifsN
=xeBX
-----END PGP SIGNATURE-----
_______________________________________________
Unbound-users mailing list
[email protected]
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
