OPNsense Forum

Archive => 21.7 Legacy Series => Topic started by: jeremias.winter on November 02, 2021, 03:06:33 PM

Title: [SOLVED] Unbound: Alternative to DNS Custom options, e.g. for forward zones
Post by: jeremias.winter on November 02, 2021, 03:06:33 PM
Hi all,

with the 21.7 release, the "Custom Options" field for Unbound was removed. Since this was already announced and the use of this field discouraged for quite some time, this is not a surprise.

However, I find myself wondering if there are plans to make some more features of Unbound accessible via the GUI instead.

For example, I used the custom options to set up DNS forward zones for specific domains. To me this seems like a feature that could be relevant for more people. However, without the field in the GUI you have to connect via SSH/Terminal and change a config file manually. The GUI only supports a general "DNS forwarding" setting, which cannot be restricted to certain domains.

So my question is: Are there any plans to add more configuration options like those forward zones to the OPNsense GUI for Unbound?

Thanks and Regards
Title: Re: Unbound: Alternative to DNS Custom options, e.g. for forward zones
Post by: Patrick M. Hausen on November 02, 2021, 04:22:19 PM
Domain overrides can do forwarding to my knowledge.
Title: Re: Unbound: Alternative to DNS Custom options, e.g. for forward zones
Post by: jeremias.winter on November 03, 2021, 08:17:02 AM
Thank you for the reply! But I don't see how that would work; maybe I'm not getting it.
AFAIK Domain overrides are specific to one host, giving it an IP that then will not be looked up through the "regular" means. But I don't know the IPs of the hosts in the domain that I want to forward... so all requests to any hosts in that domain need to be answered by a DNS server in that domain.
Is this possible with Domain overrides?
Title: Re: Unbound: Alternative to DNS Custom options, e.g. for forward zones
Post by: Patrick M. Hausen on November 03, 2021, 08:21:17 AM
Quote from: jeremias.lubberger on November 03, 2021, 08:17:02 AM
AFAIK Domain overrides are specific to one host, giving it an IP that then will not be looked up through the "regular" means.
That would be a host override. Host overrides and domain overrides are two completely separate things.

Quote from: jeremias.lubberger on November 03, 2021, 08:17:02 AM
But I don't know the IPs of the hosts in the domain that I want to forward... so all requests to any hosts in that domain need to be answered by a DNS server in that domain.
Is this possible with Domain overrides?
That's what a domain override does. See screenshots.
Title: Re: Unbound: Alternative to DNS Custom options, e.g. for forward zones
Post by: jeremias.winter on November 03, 2021, 09:46:52 AM
:O

Seems I have overlooked this for quite some time (I have a lot of Host overrides, so the "Domain Override" part is only visible after scrolling).
But yeah, that should do exactly what I need. Thanks for pointing that out!
I will try this as soon as possible.
Title: Re: [SOLVED] Unbound: Alternative to DNS Custom options, e.g. for forward zones
Post by: jeremias.winter on November 17, 2021, 09:40:57 AM
Update: Yes, this works like a charm. Shame on me for not noticing, and thanks to pmhausen for explaining!
Marking this thread as solved now.