Hi, I have tried to read the documentation and have come to the conclusion that what I'm asking for is not possible (it seems to me that forward-zone in function of view is not possible). Am I wrong?
If someone more knowledgeable than me in unbound can just confirm this, that would be enough for me. Thanks for your help. On 7/6/25 22:19, François Lafont wrote:
I would like to known if it's possible to disable a forward-zone for a specific view? Or if it's possible to do this in a different way? Let me show you a quick example with this configuration: ---------------------------------------- server: # [...] access-control-view: 10.111.222.0/24 myview view: name: myview view-first: no local-zone: "domain.tld." always_nxdomain forward-zone: name: "domain.tld." forward-addr: A.B.C.D forward-addr: W.X.Y.Z ---------------------------------------- There is a forward-zone in global configuration. But this forward-zone is "disabled" for the client in myview (clients in 10.111.222.0/24). For these clients, the zone is a "NXDOMAIN" zone. So, in a way, the forward-zone is disabled for myview, but the forward-zone is replaced by a NXDOMAIN. Is it possible to: * remove the NXDOMAIN local-zone for myview, * and allow DNS resolution in the zone "domain.tld." but without using the forwarders. I would like that DNS resolutions in zone "domain.tld." are made via a "classical" way (ie root DNS etc. but without using the forward-zone). Is it possible to do that? If not, maybe with another mechanism than view?
-- François Lafont
