Wiki

User Tools

Site Tools

Trace:
networking:dns:unbound:configure_local_zones

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
networking:dns:unbound:configure_local_zones [2020/11/30 13:01] – created peternetworking:dns:unbound:configure_local_zones [2022/10/08 11:47] (current) – removed peter
Line 1: Line 1:
-====== Networking - DNS - Unbound - Configure Local Zones ====== 
- 
-Suppose you have a printer in your LAN. 
- 
-You can connect to that printer by using its known IP address, like, for example, 192.168.1.100. 
- 
-However, wouldn't you rather give a human readable name to that printer? 
- 
-<WRAP info> 
-**NOTE:**  Unbound is not an authoritative server, so it cannot manage a full zone with all its bells and whistles directly. 
- 
-However, it is able to manage a small home LAN. 
-</WRAP> 
- 
-<file bash /etc/unbound/unbound.conf.d/local_names.conf> 
-private-address: 192.168.1.0/24 
-local-zone: "sharewiz.net." static 
-        local-data: "gateway.sharewiz.net. IN A 192.168.1.1" 
-        local-data: "server1.ssharewiz.net. IN A 192.168.1.69" 
-        local-data: "printer.sharewiz.net. IN A 192.168.1.100" 
-        local-data-ptr: "192.168.1.1 gateway.sharewiz.net" 
-        local-data-ptr: "192.168.1.2 server1.sharewiz.net" 
-        local-data-ptr: "192.168.1.69 computer.sharewiz.net" 
-        local-data-ptr: "192.168.1.100 printer.sharewiz.net" 
-</file> 
- 
-<WRAP info> 
-**NOTE:**  This assumes that the LAN is using 192.168.1.0/24 as the network. 
- 
-The **private-address** directive prevents addresses in your LAN from being returned for public Internet names. This step prevents DNS rebinding attacks. 
- 
-The **local-zone** directive defines all domains under sharewiz.net as local.  The **static** word means that the static entries defined in the configuration file are used as DNS entries.  Each of the local-data entries assigns a name to an address.  For example, 192.168.1.100 would be assigned the name printer.sharewiz.net.  If you queried the Unbound server for a name in the sharewiz.net zone that did not exist, it would be answered with a NXDOMAIN message.  Alternatively, **transparent** could be used instead of static.  A transparent local zone is one in which the server tries to resolve the name of a host by other means if it has no static entry for it in its configuration. 
- 
-The **local-data-ptr** entries are optional and define reverse DNS information.  Reverse DNS is, as the expression implies, the opposite of DNS.  A reverse DNS query asks "What is the name of the host with the address 192.168.1.100?" 
- 
-</WRAP> 
  
networking/dns/unbound/configure_local_zones.1606741270.txt.gz · Last modified: 2020/11/30 13:01 by peter
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki