Thank you Wouter That was exactly what I needed and also thank you for the explanation since it cleared a couple of things for me.
Aggelos Kanarelis Systems Engineer Arts Alliance Media Ltd T: +44 (0)20 7751 7525 / M: +44 (0) 7809427708 [email protected]<mailto:[email protected]> www.artsalliancemedia.com<http://www.artsalliancemedia.com/> Landmark House Hammersmith Bridge Road London W6 9EJ Follow us on Twitter<https://twitter.com/ArtsAllianceM/> / Facebook<http://www.facebook.com/pages/Arts-Alliance-Media/115700988468309> / LinkedIn<https://www.linkedin.com/company/arts-alliance-media> From: W.C.A. Wijngaards [mailto:[email protected]] Sent: 28 November 2017 13:11 To: Aggelos Kanarelis <[email protected]> Cc: [email protected] Subject: Re: Configuration issue Hi Aggelos, And also add local-zones name transparent for your names for which you also have the forward-zones. Those local-zones with the local zone type transparent make holes in the refuse policy for '.', and unbound uses the most specific local-zone, so unbound then allows the names that are transparent, but then denies all the other names. Best regards, Wouter On 28/11/17 11:31, Aggelos Kanarelis wrote: > Hi Wouter > > > > So just to summarize. > > > > A local zone with "." refuse > > > > Then my existing forward zones? > > > > Thanks > > > > Aggelos Kanarelis > > Systems Engineer > > > > *Arts Alliance Media Ltd* > > T: +44 (0)20 7751 7525 / M: +44 (0)7809427708 > > [email protected]<mailto:[email protected]> > <mailto:[email protected]>____ > > www.artsalliancemedia.com<http://www.artsalliancemedia.com> > <http://www.artsalliancemedia.com/<http://www.artsalliancemedia.com/>> > > > > Landmark House > Hammersmith Bridge Road > London W6 9EJ__ > > > > Follow us on Twitter > <https://twitter.com/ArtsAllianceM/<https://twitter.com/ArtsAllianceM/>>/ > Facebook > <http://www.facebook.com/pages/Arts-Alliance-Media/115700988468309<http://www.facebook.com/pages/Arts-Alliance-Media/115700988468309>>/ > LinkedIn > <https://www.linkedin.com/company/arts-alliance-media<https://www.linkedin.com/company/arts-alliance-media>> > > > > *From:*W.C.A. Wijngaards [mailto:[email protected]] > *Sent:* 28 November 2017 08:15 > *To:* Aggelos Kanarelis > <[email protected]<mailto:[email protected]>> > *Subject:* Re: Configuration issue > > > > Hi Aggelos, > > With that I mean you could have the defaults after the local-zone > statements that act to filter the inputs. And then unbound performs > regular recursive DNS server lookups. > > But you could also include the forward-zone: text from config that you > have already, and configure the lookups to be performed at particular > upstream servers. > > So I meant the pieces of text starting with forward-zone: > > Best regards, Wouter > > On 27/11/17 17:28, Aggelos Kanarelis wrote: >> Thanks Wouter >> >> >> >> I am a little green so what do you mean by forward clauses? How would I >> add those? >> >> >> >> Thanks >> >> >> >> Aggelos Kanarelis >> >> Systems Engineer >> >> >> >> *Arts Alliance Media Ltd* >> >> T: +44 (0)20 7751 7525 / M: +44 (0)7809427708 >> >> [email protected]<mailto:[email protected]> > <mailto:[email protected]> >> <mailto:[email protected]>____ >> >> www.artsalliancemedia.com<http://www.artsalliancemedia.com> >> <http://www.artsalliancemedia.com<http://www.artsalliancemedia.com>> > <http://www.artsalliancemedia.com/<http://www.artsalliancemedia.com/>> >> >> >> >> Landmark House >> Hammersmith Bridge Road >> London W6 9EJ__ >> >> >> >> Follow us on Twitter >> <https://twitter.com/ArtsAllianceM/<https://twitter.com/ArtsAllianceM/>>/ >> Facebook >> <http://www.facebook.com/pages/Arts-Alliance-Media/115700988468309<http://www.facebook.com/pages/Arts-Alliance-Media/115700988468309>>/ >> LinkedIn >> <https://www.linkedin.com/company/arts-alliance-media<https://www.linkedin.com/company/arts-alliance-media>> >> >> >> >> *From:*Unbound-users [mailto:[email protected]] *On >> Behalf Of *W.C.A. Wijngaards via Unbound-users >> *Sent:* 27 November 2017 16:09 >> *To:* [email protected]<mailto:[email protected]> >> <mailto:[email protected]> >> *Subject:* Re: Configuration issue >> >> >> >> Hi, >> >> The order does not matter for local-zone, local-data, forward and stub >> clauses. Unbound picks the closest one. First the local-zone and >> local-data statements are processed. Then the cache of forward and stub >> data. Then the lookup vi forward and stub data. >> >> You could create a local-zone: "." refuse and local-zone: >> "example.com<http://example.com> > <http://example.com<http://example.com>> >> <http://example.com<http://example.com>>" >> transparent for all of the names you want resolved. If you want those >> names forwarded somewhere, you can then also include forward clauses for >> those names. The other names are rejected. >> >> Best regards, Wouter >> >> On 27/11/17 15:09, Sonic via Unbound-users wrote: >>> Maybe post the unbound.conf file (no comment lines please). >>> >> >
