12 Kvě
2017
12 Kvě
'17
11:06
Hi,
I have the following configuration working for unbound, how can I get
the same behavior working in knot-resolver?
server:
do-not-query-localhost: no
domain-insecure: "stubzone"
local-zone: "stubzone" nodefault
stub-zone:
name: "stubzone"
stub-addr: 127.0.0.2
I run this for various testing and what I want is to redirect a zone to
a local DNS server and I also what the resolver to follow any
delegations it receives.
Cheers,
Jerry
12 Kvě
12 Kvě
12:02
Hello!
On 05/12/2017 11:06 AM, Jerry Lundström wrote:
[...] what I want is to redirect a zone to
a local DNS server and I also want the resolver to follow any
delegations it receives.
I'm afraid I can't see a simple way to do exactly that.
It's simple to forward some zones to other *resolvers* via the FORWARD
policy, but that will assume the server can give the final query, i.e.
delegations wouldn't be followed. To make kresd accept private zones in
answers, you'd also need to set an option for that query, e.g. via
another preceding policy rule: FLAGS(kres.query.ALLOW_LOCAL). Also note
that policies only apply on incoming requests and not e.g. CNAME targets.
https://knot-resolver.readthedocs.io/en/latest/modules.html#query-policies
It would certainly be possible to write your own lua code that modifies
the internal state to do this, though that probably wouldn't be a good
longterm solution. To be usable, we would probably best add some
support for such things in kresd, but ATM I can't promise it happening
anytime soon.
--Vladimir
2756
days inactive
2756
days old
1 comments
2 participants
participants (2)
-
Jerry Lundström -
Vladimír Čunát