Hello, 

I am trying to debug an unbound system whose goal is to provide a local DNS
server and our own filtering with RPZ.

I have set up a BIND server distributing my RPZ zones and I can successfully
AXFR from anywhere for the zone "my-zone.rpz".


I have set up the unbound server, enabled 'module-config: "respip
validator iterator"' and configured the zone with:

rpz:
        name: "my-zone.rpz"
        zonefile: "my-zone.rpz"
        primary: 1.2.3.4
        rpz-log: yes
        rpz-log-name: "my-zone.rpz"


When I try to load the zone with: "unbound-control -c
/var/unbound/unbound.conf rpz_enable blog.rpz.dynfi" --> "OK"

When I try to transfer the zone with: "unbound-control -c
/var/unbound/unbound.conf auth_zone_transfer blog.rpz.dynfi" --> "OK"


But IRL (in real life) nothing happens… 
My BIND server does not receive the request for zone transfer. 


So I might have missed something somewhere…?

Also I don't know how to use drill to test zone transfer (if this is possible)…?


Thanks for your help. 

—

Greg Bernard 
FreeBSD amateur since 20 years


