Topics

1

22.7 Legacy Series / Unbound and RFC6761 (Special-Use Domain Names)

« on: January 13, 2023, 03:22:48 pm »

Hi!

I'm trying to configure Unbound so Special-Use Domain Names never leave my local network, on the default install, queries like "example.home.arpa" are being forwarded outside my network. According to the RFC6761 there's a list of domains that the resolver should only reply internally and never forward them.

https://datatracker.ietf.org/doc/rfc6761/
https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml

What I'm trying to do is, add a rfc6761.conf over at "/usr/local/etc/unbound.opnsense.d", but when I restart Unbound it doesn't start and no errors show up at the logs. Small example of the file:

Code: [Select]

local-zone: "home.arpa" always_nxdomain
Maybe there's another method for achieving this? Thanks for any input!

2

General Discussion / Unbound and DoT strange interaction

« on: January 10, 2023, 03:24:08 pm »

Hi!

I've posted this first on Reddit but I didn't get any replies and I've figured this would be a better place. I have Unbound configured to use DoT to relay DNS requests to a couple of VPSs I have running AdGuard Home. The requests are forwarded and filtered as expected.

The problem I'm facing is that the 1st DNS server I have configured, when I run drill or the DNS lookup via GUI, the answer from Unbound is 127.0.1.1, not the actual A record. Screenshots as follows:

Thanks in advance for any help/input!