W.C.A. Wijngaards wrote: > You mean stub-addr, not stub-host. Now unbound tries to resolve the > domain name '10.64.2.1', but that does not exist. > >> I use a combination of: >> local-zone: "7.168.192.in-addr.arpa." transparent >> and >> stub-zone: >> name: "7.168.192.in-addr.arpa" >> stub-addr: 192.168.107.4 > > And you need transparent because 168.192.in-addr.arpa. is blocked by > default and the 7.168.192.in-addr.arpa. locally overrides that default. > A nodefault for the entire 168.192 range would work, but leave the rest > of 168.192 uncovered, so your current setup is best. Thanks all, that worked. Cheers, -- Thomas E. Spanjaard tgen at netphreax.net tgen at deepbone.net -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 486 bytes Desc: OpenPGP digital signature URL: <http://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20100430/784499e5/attachment.pgp>