On Fri, Apr 1, 2011 at 10:16 AM, Chris Smith <[email protected]> wrote: > If you're just using a /24 then changing this to something like: > ================================ > forward-zone: > name: "1.168.192.in-addr.arpa." > forward-addr: <windows box> > ================================ > and then: > ================================ > local-zone: 1.168.192.in-addr.arpa. transparent > ================================ > will prevent Unbound from forwarding PTR queries outside of your > subnet (in this example anything not in 192.168.1) to your Windows > box.
This "in this example anything not in 192.168.1" should more correctly read "in this example anything not in 192.168.1 but in 192.168". This is also useful if you use Unbound as a resolver. It will prevent such PTR queries from being leaked to the Internet and requiring an answer from the arin servers. Chris _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
