networking:dns:unbound:views
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| networking:dns:unbound:views [2020/12/04 11:32] – [Different Views] peter | networking:dns:unbound:views [2022/10/08 11:19] (current) – peter | ||
|---|---|---|---|
| Line 3: | Line 3: | ||
| Unbound’s views can be used to serve local data depending on the source address a query is received on. | Unbound’s views can be used to serve local data depending on the source address a query is received on. | ||
| - | * View Name must be unique. | ||
| * Map views to requests using the **access-control-view** option. | * Map views to requests using the **access-control-view** option. | ||
| * Views can contain zero or more **local-zone** and **local-data** options. | * Views can contain zero or more **local-zone** and **local-data** options. | ||
| * Options from matching views will override global options. | * Options from matching views will override global options. | ||
| - | * Global options will be used if no matching view is found. | + | |
| - | * With **view-first yes**, it will try to answer using the global local-zone and local-data elements if there is no view specific match. | + | <WRAP info> |
| + | **views** were introduced in Unbound 1.6.0. | ||
| + | </ | ||
| ---- | ---- | ||
| Line 24: | Line 25: | ||
| name: " | name: " | ||
| local-zone: " | local-zone: " | ||
| + | view: | ||
| + | name: " | ||
| + | local-zone: example.com inform | ||
| + | local-data: ' | ||
| + | local-zone: refused.example.co.uk refuse | ||
| </ | </ | ||
| <WRAP info> | <WRAP info> | ||
| **NOTE:** | **NOTE:** | ||
| + | |||
| + | * **name** must be unique. | ||
| * **local-zone** configures a local zone. | * **local-zone** configures a local zone. | ||
| - | * The type determines the answer to give if there is no match from local-data. | + | * The type determines the answer to give if there is no match from local-data. |
| * **deny** serves local data (if any), else, drops queries. | * **deny** serves local data (if any), else, drops queries. | ||
| * **refuse** serves local data (if any), else, replies with error. | * **refuse** serves local data (if any), else, replies with error. | ||
| * **static** serves local data, else, nxdomain or nodata answer. | * **static** serves local data, else, nxdomain or nodata answer. | ||
| - | * **transparent** gives local data, but resolves normally for other names | + | * **transparent** gives local data, but resolves normally for other names. |
| * **redirect** serves the zone data for any subdomain in the zone. | * **redirect** serves the zone data for any subdomain in the zone. | ||
| * **nodefault** can be used to normally resolve AS112 zones. | * **nodefault** can be used to normally resolve AS112 zones. | ||
| - | * **typetransparent** resolves normally for other types and other names | + | * **typetransparent** resolves normally for other types and other names. |
| - | * **inform** acts like transparent, | + | * **inform** acts like transparent, |
| - | * **inform_deny** drops queries and logs client IP address | + | * **inform_deny** drops queries and logs client IP address. |
| - | * **inform_redirect** redirects queries and logs client IP address | + | * **inform_redirect** redirects queries and logs client IP address. |
| * **always_transparent, | * **always_transparent, | ||
| * **noview** breaks out of that view towards global local-zones. | * **noview** breaks out of that view towards global local-zones. | ||
| Line 49: | Line 57: | ||
| * **local-data-ptr** configures local data shorthand for a PTR record with the reversed IPv4 or IPv6 address and the host name. | * **local-data-ptr** configures local data shorthand for a PTR record with the reversed IPv4 or IPv6 address and the host name. | ||
| + | |||
| + | * **view-first** specifies whether to use Global options if no matching view is found. | ||
| + | * With **view-first yes**, it will try to answer using the global local-zone and local-data elements if there is no view specific match. | ||
| + | |||
| </ | </ | ||
| Line 57: | Line 69: | ||
| ===== Override DNS queries for specific clients ===== | ===== Override DNS queries for specific clients ===== | ||
| - | < | + | < |
| server: | server: | ||
| ... | ... | ||
| Line 82: | Line 94: | ||
| Queries to this instance should return the following for my.aa/A: | Queries to this instance should return the following for my.aa/A: | ||
| - | < | + | < |
| ;; ->> | ;; ->> | ||
| ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 | ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 | ||
| Line 96: | Line 108: | ||
| The view named intview defines an alternative response, which is used when a query comes in to 127/8, as defined in the **access-control-view** statement: | The view named intview defines an alternative response, which is used when a query comes in to 127/8, as defined in the **access-control-view** statement: | ||
| - | < | + | < |
| ;; ->> | ;; ->> | ||
| ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 | ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 | ||
| Line 112: | Line 124: | ||
| <WRAP info> | <WRAP info> | ||
| - | **NOTE: | + | **NOTE: |
| </ | </ | ||
| Line 128: | Line 140: | ||
| https:// | https:// | ||
| + | https:// | ||
networking/dns/unbound/views.1607081567.txt.gz · Last modified: 2020/12/04 11:32 by peter