Hi, Not sure what this classical handicap is, but why wouldn't you use local-data here? This should do the trick:
local-zone: "git.internalzone.io" redirect local-data: "git.internalzone.io. CNAME git.realzone.com." -- Ralph On 29-03-18 16:03, jpdolz via Unbound-users wrote: > Hello guys, > > this week I've been playing with the new "auth-zone" feature of 1.7 > version, trying to fix the "classical" handicap with the CNAME record. > Having a look to the documentation and to the mailing list I understood > that using the new feature we'd finally have an "authoritative" DNS > server and then we'd be able to use a functional CNAME record ( > resolving the IP behind the name ) > > But, fiasco, that never happened :-( > > Here I put my configuration for the unbound.conf file and also the > definition of the zone used: > >>>>> internalzone-file <<<< > > internalzone.io <http://internalzone.io/>. SOA ns.internalzone.io > <http://ns.internalzone.io/>. hostmaster.internalzone.io > <http://hostmaster.internalzone.io/>. ( > 1998092901 ; Serial number > 60 ; Refresh 1 minute > 1800 ; Retry 30 minutes > 3600000 ; Expire 41.67 days > 172800 ) ; Minimum TTL 2 days > internalzone.io <http://internalzone.io/>. NS > ns.internalzone.io <http://ns.internalzone.io/>. > internalzone.io <http://internalzone.io/>. A 192.168.0.2 > git.internalzone.io <http://git.internalzone.io/>. CNAME > git.realzone.com <http://git.realzone.com/>. > > >>>>> unbound.conf <<<< > ... > stub-zone: > name: "realzone.com <http://realzone.com/>" > stub-host: ns-XXXX.awsdns-YY.co.uk <http://ns-xxxx.awsdns-yy.co.uk/>. > > auth-zone: > name: "internalzone.io <http://internalzone.io/>" > zonefile: internalzone.file > ... > > Of course, I tried all the possible combinations > with *for-upstream *and* **for-downstream *and nor didn't work. > Please, if anyone knows a way to do it just using unbound I'd be very > happy, if not, it would be super useful to have a clear answer about the > no feasibility to get the required scenario working. > > Thanks in advance!!!!
