
My Unbound configuration contains an entry for domain example.com:

```
forward-zone:
    name: "example.com"
    forward-addr: 10.20.30.1
    forward-addr: 10.20.30.2
```

It works fine for the FQDN hello.example.com resolution, but not for hello.sub.example.com (which is resolved by the same DNS server).

I can start to pile up forward-zone entries for each subzone of example.com but would prefer to use a wildcard. The documentation is silent about that - is there a way in Unbound to say "everything below example.com"?

WoJ
  • This *is* how you say "everything below `example.com`". Does the situation change if you actually add a separate entry for a subzone? Does `unbound-control list_forwards` show any unexpected entries? – u1686_grawity Nov 21 '22 at 09:00
  • @user1686: if I add a `forward-zone` for, say, `sub.example.com`, everything in `sub.example.com` is resolved correctly. The problem is that there may be tons of various sub (and sub-sub, and sub-sub-sub, ...) domains and that **I do not know them**. The thing I know is that they will be resolved by the DNS servers `10.20.30.[1,2]` (that will, if needed, forward the resolution somewhere else for delegated subdomains for instance). This is why I am seriously hoping to be able to configure `*.example.com` (where `*` is greedy). And to your question: the output in the case I add subdomains is fine. – WoJ Nov 21 '22 at 09:52
  • @user1686: Sorry, I did not notice that you highlighted *is*. Do you mean that `hello.world.subdomain.again.example.com` should be covered by the single `example.com` entry, where `world.subdomain.again.example.com`, `subdomain.again.example.com`, etc. are domains? – WoJ Nov 21 '22 at 09:53
  • Yes. My real question is, are you currently trying to figure out why it doesn't work as configured, or are you just asking preemptively? – u1686_grawity Nov 21 '22 at 10:25
  • @user1686: I am trying to figure out why it is not working as configured (namely: so that a single `example.com` entry and its servers handle everything `*.example.com` - which does not work right now and I need to specifically create `forward-zone` entries pointing to the same servers to handle subdomains of `example.com`). If this is how it is supposed to work, I will get some traces and post them to the mailing list. – WoJ Nov 21 '22 at 10:34
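
The matching rule discussed in the comments (a `forward-zone` covers its name and everything below it, with a more specific entry taking precedence), modelled as an added example that is not part of the original thread and is not Unbound's own code. The `old.example.com` entry, the address `192.0.2.53` and the `<zone> IN forward <addr>...` layout of the sample `list_forwards` output are constructed assumptions.

```python
# Added example: closest-enclosing forward-zone selection over
# list_forwards-style output. SAMPLE_LIST_FORWARDS is constructed; the
# "<zone> IN forward <addr>..." layout is an assumption about the tool output.
SAMPLE_LIST_FORWARDS = """\
example.com. IN forward 10.20.30.1 10.20.30.2
old.example.com. IN forward 192.0.2.53
"""


def labels(name):
    """Lower-cased labels, root side first: a.b.com. -> ['com', 'b', 'a']."""
    return [l for l in reversed(name.lower().rstrip(".").split(".")) if l]


def parse_forwards(text):
    """Parse list_forwards-style lines into {zone: [forward addresses]}."""
    zones = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[1] != "IN" or fields[2] != "forward":
            continue  # blank or unrelated line
        zones[fields[0].lower()] = fields[3:]
    return zones


def select_forward(qname, zones):
    """Return (zone, addrs) for the closest enclosing forward zone, or None."""
    q = labels(qname)
    best = None
    for zone, addrs in zones.items():
        z = labels(zone)
        # The zone encloses qname when every zone label matches from the root
        # side; comparing whole labels keeps notexample.com out of example.com.
        if q[:len(z)] == z and (best is None or len(z) > len(labels(best[0]))):
            best = (zone, addrs)
    return best


if __name__ == "__main__":
    zones = parse_forwards(SAMPLE_LIST_FORWARDS)
    for name in ("hello.example.com", "hello.sub.example.com",
                 "www.old.example.com", "notexample.com"):
        print(name, "->", select_forward(name, zones))
```

An unexpected, more specific entry such as the constructed `old.example.com` line is what would pull part of the tree away from `10.20.30.1` and `10.20.30.2`, which is why the `list_forwards` output is worth reading line by line.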
