"
Hi all, long time user here, first time asker.
When using Unbound for DNS recursive resolving, is it possible to configure stub zones in Unbound within OPNsense's UI somehow? I'm familiar with the dialog at Services -> Unbound -> Query Forwarding, but that creates "Forward Zones," per Unbound's terminology, which behave differently. With forward zones, queries to the specified servers are sent with the "recurison desired" flag set, and DNSSEC validation is skipped. Both of these are fine when forwarding to another recursive DNS resolver.
However, in my environment, I've got a pair of authoritative DNS servers for the local domains, and want to configure Unbound to use those when performing recursive resolution for the local domains. In this case, recursive queries to these authoritative servers would fail.
I'm aware that I can most likely manually configure the stub zones I want with a .conf file per https://docs.opnsense.org/manual/unbound.html#advanced-configurations. However, is there a way I've missed to do so in OPNsense's UI? I'd prefer that, if possible, for easier maintenance.
Thanks in advance!
When using Unbound for DNS recursive resolving, is it possible to configure stub zones in Unbound within OPNsense's UI somehow? I'm familiar with the dialog at Services -> Unbound -> Query Forwarding, but that creates "Forward Zones," per Unbound's terminology, which behave differently. With forward zones, queries to the specified servers are sent with the "recurison desired" flag set, and DNSSEC validation is skipped. Both of these are fine when forwarding to another recursive DNS resolver.
However, in my environment, I've got a pair of authoritative DNS servers for the local domains, and want to configure Unbound to use those when performing recursive resolution for the local domains. In this case, recursive queries to these authoritative servers would fail.
I'm aware that I can most likely manually configure the stub zones I want with a .conf file per https://docs.opnsense.org/manual/unbound.html#advanced-configurations. However, is there a way I've missed to do so in OPNsense's UI? I'd prefer that, if possible, for easier maintenance.
Thanks in advance!
