Hi, While doing some experiments, I am facing an issue while mixing auth-zone and forward-zone.
The server I was testing on was originally configured to forward requests to other servers (mainly to benefit from their cache): forward-zone: name: "." forward-addr: IP1 # redacted forward-addr: IP2 # redacted Then, I added auth-zone directives on order to implement RF7706: auth-zone: name: "." for-downstream: no for-upstream: yes fallback-enabled: yes master: c.root-servers.net master: iad.xfr.dns.icann.org master: lax.xfr.dns.icann.org >From this point, all responses are nodata. Both features work separately, but not together. I know this can be a curious config (frankly, I forgot I added the forward-zone on this test server...) but I would have expected unbound : - either to use the root zone local copy, then to use the forward-addr to continue with the recursion - or to ignore the auth-zone directives as it is configured as a simple forwarder for the zone Any comment on this? -- Guillaume
