On 2014/09/23 11:46, Paul de Weerd wrote: > On Mon, Sep 22, 2014 at 09:58:40PM +0000, Stuart Henderson wrote: > | Unbound is a recursive-only server. You can add a domain with local-data > | (whether it's a local or remote IP) but this is just for queries from > | local DNS clients, not from other nameservers. > | > | If you want to serve these records to other nameservers, that needs to > | be done with a different program (for example NSD). There are a couple of > | ways to run the two programs on the same machine, easiest is usually to > | run unbound on an internal IP address and nsd on an external address, > | though there are some other options. > | > | BIND has a not-recommended config mode where you can serve both clients > | and other nameservers on the same IP address. You can't do this with > | most modern DNS servers including Unbound. > > Unbound can give authoritative answers, they can be configured in the > unbound configuration file; search unbound.conf(5) for local-zone: and > local-data: options.
Ah sorry I was mistaken, I didn't realise it set 'aa' on these. > Do not use this for production service: if you want to run an > authoritative nameserver, run an authoritative nameserver. Yes.
