Adding additional unbound directives

Started by planetf1, September 04, 2025, 09:33:04 AM

I've noticed a lot of SERVFAIL noise with one particular DNS server which, on investigation, is behaving correctly (FORMERR->SERVFAIL) when receiving requests for local addresses.

I wanted to add something like that below, but I'm unsure if this is possible given that the unbound config files are rewritten each time. Is there any 'safe' override location? Or would adding this require a code change?

server:
    ########################################
    # RFC 6303: Local-use reverse zones
    ########################################

    # Loopback
    local-zone: "127.in-addr.arpa." static
    local-data-ptr: "127.0.0.1 localhost."

    # Private-use
    local-zone: "10.in-addr.arpa." static
    local-zone: "168.192.in-addr.arpa." static
    local-zone: "16.172.in-addr.arpa." static
    local-zone: "17.172.in-addr.arpa." static
    local-zone: "18.172.in-addr.arpa." static
    local-zone: "19.172.in-addr.arpa." static
    local-zone: "20.172.in-addr.arpa." static
    local-zone: "21.172.in-addr.arpa." static
    local-zone: "22.172.in-addr.arpa." static
    local-zone: "23.172.in-addr.arpa." static
    local-zone: "24.172.in-addr.arpa." static
    local-zone: "25.172.in-addr.arpa." static
    local-zone: "26.172.in-addr.arpa." static
    local-zone: "27.172.in-addr.arpa." static
    local-zone: "28.172.in-addr.arpa." static
    local-zone: "29.172.in-addr.arpa." static
    local-zone: "30.172.in-addr.arpa." static
    local-zone: "31.172.in-addr.arpa." static

    # Link-local
    local-zone: "254.169.in-addr.arpa." static

    # TEST-NETs
    local-zone: "2.0.192.in-addr.arpa." static
    local-zone: "100.51.198.in-addr.arpa." static
    local-zone: "113.0.203.in-addr.arpa." static

    # Multicast / reserved (optional)
    local-zone: "224.in-addr.arpa." static
    local-zone: "225.in-addr.arpa." static
    local-zone: "226.in-addr.arpa." static
    local-zone: "227.in-addr.arpa." static
    local-zone: "228.in-addr.arpa." static
    local-zone: "229.in-addr.arpa." static
    local-zone: "230.in-addr.arpa." static
    local-zone: "231.in-addr.arpa." static
    local-zone: "232.in-addr.arpa." static
    local-zone: "233.in-addr.arpa." static
    local-zone: "234.in-addr.arpa." static
    local-zone: "235.in-addr.arpa." static
    local-zone: "236.in-addr.arpa." static
    local-zone: "237.in-addr.arpa." static
    local-zone: "238.in-addr.arpa." static
    local-zone: "239.in-addr.arpa." static

    ########################################
    # Special-use forward zones
    ########################################

    # mDNS / Bonjour
    local-zone: "local." static
    # Home networking
    local-zone: "home.arpa." static

    ########################################
    # Optional: Dummy PTR for LAN gateway
    ########################################
    # Replace 192.168.1.1 with your actual gateway IP
    local-data-ptr: "192.168.1.1 router.local."
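
Added example, not part of the original post: a small Python generator that derives the reverse-zone lines above from their CIDR blocks, so the list can be regenerated or checked instead of typed by hand. It generalizes to any IPv4 block; the names `BLOCKS`, `reverse_zones` and `render` are made up for this sketch, and the `static` zone type is taken from the post.

```python
import ipaddress

# IPv4 blocks behind the reverse zones listed in the post above.
BLOCKS = [
    "127.0.0.0/8", "10.0.0.0/8", "192.168.0.0/16", "172.16.0.0/12",
    "169.254.0.0/16", "192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24",
    "224.0.0.0/4",
]


def reverse_zones(cidr):
    """Return the in-addr.arpa zones that exactly cover an IPv4 block.

    Reverse zones are cut on octet boundaries, so a prefix that is not a
    multiple of 8 (e.g. /12) is split into several zones.
    """
    # strict=True rejects input with host bits set, e.g. 172.16.1.0/12.
    net = ipaddress.IPv4Network(cidr, strict=True)
    octets = max(1, -(-net.prefixlen // 8))  # ceil(prefixlen / 8), min 1
    zones = []
    for sub in net.subnets(new_prefix=octets * 8):
        labels = str(sub.network_address).split(".")[:octets]
        zones.append(".".join(reversed(labels)) + ".in-addr.arpa.")
    return zones


def render(blocks, zone_type="static"):
    """Render a server: clause with one local-zone line per reverse zone."""
    lines = ["server:"]
    for cidr in blocks:
        lines.append(f"    # {cidr}")
        for zone in reverse_zones(cidr):
            lines.append(f'    local-zone: "{zone}" {zone_type}')
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(render(BLOCKS), end="")
```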