Hello, i have a situation with a stub zone domain.
domain: example.com this domain is public also the same is used for local AD. i have unbound configured to serve local users: forward-zone: "." to ISP dns stub-zone "example.com" to our internal authoritative server (AD/DC) also put local-domain in server section. everything works fine during the time that the AD/DC server is reachable from Unbound. all host.example.com are returned their internal IP 192.168.X.X although i noticed when Unbound can not connect with AD/DC server the resolved IP for host.example.com return their public IP (the one that have one, like mail.www. etc) is this normal ? is there any way to prevent Unbound looking up in forward zone for example.com and to give fail or nx in case is not able to get response from the stub-zone server i have appointed. thank you
