[Unbound-users] per-forwarder source address?

Michael Tokarev mjt at tls.msk.ru
Sun Mar 18 20:07:47 UTC 2012


Hello.

I've a multi-homed host here, in DMZ, with unbound
running on it.  The internal network has its own
auth nameservers and its own domain names.  The
host in question has regular externally-accessible
IP addresses (several) and 192.168.* addresses for
access of internal LAN.

And the issue I'm seeing is - unability to configure
"regular" outgoing address (outgoing-interface) which
should be one of these external IPs, together with
using one of internal addresses when contacting the
forwarders.

I wonder if something like this:

forward-zone:
 name: "foo.example.com"
 forward-address 192.168.1.2 at 53:192.168.1.1

may help?  Or alternatively, even an additional
section like

server:
 name: "internal-resolver"
 address: 192.168.1.2 at 53
 outgoing-interface: 192.168.1.1
forward-zone:
 name: "foo.example.com"
 forward-server: internal-resolver

is worth to implement?

The same applies to nsd but at different "angle",
I'll post a separate message there...

Thanks!

/mjt



More information about the Unbound-users mailing list