Message-ID: <561CD9FD.6020204@itsacon.net>
Date: Tue, 13 Oct 2015 12:16:29 +0200
From: "B.J.Scharp"
To: freebsd-questions@freebsd.org
Subject: Unbound as local DNS cacher, overwrite some domains

Hello,

I have a setup where there are several machines on a LAN that have both internal and external addresses.
I would like to use Unbound as a local DNS cacher that provides the internal address when queried, while the external (authoritative) DNS gives the external address.

Example: mail.example.org is on the LAN. If a laptop is used on-site, the DHCP gives the FreeBSD server as the primary DNS server. That DNS server returns the LAN address when queried for mail.example.org, but defers to a higher-up machine when queried for, e.g., www.google.com.

Next the laptop is taken out of the LAN, and when it queries the external DNS for mail.example.org, it gets the WAN address for the server. (For this reason I don't want to use the hosts file on the laptop, nor use addresses like example.local.)

So basically, I want Unbound to be authoritative for some addresses, but not necessarily for entire domains (not all hosts for the domain are on that LAN, so for most queries, the normal authoritative DNS can be used). It's more like a LAN-wide hosts file.

Is this possible with Unbound, and if so, where do I start?

Regards,
Bernard
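
One way to express the setup described above in unbound.conf, added here as an example that is not part of the original message. All addresses (the LAN subnet, the server and mail host addresses, the upstream forwarder) are constructed placeholders.

```conf
# unbound.conf (added example; every address below is a constructed placeholder)
server:
    # Listen on loopback and on the server's LAN address only.
    interface: 127.0.0.1
    interface: 192.168.1.1

    # Unbound refuses all non-localhost clients by default. Allow only the
    # LAN subnet so the cache does not become an open resolver.
    access-control: 127.0.0.0/8 allow
    access-control: 192.168.1.0/24 allow

    # Per-host override, the "LAN-wide hosts file" part.
    # typetransparent: answer from local-data when name AND type match;
    # any other name, or another record type for this name (MX, AAAA, ...),
    # is resolved normally. Plain "transparent" would instead return
    # NODATA for other types of this name.
    local-zone: "mail.example.org." typetransparent
    local-data: "mail.example.org. 300 IN A 192.168.1.10"

# Everything not overridden above goes to the higher-up resolver.
forward-zone:
    name: "."
    forward-addr: 192.0.2.53
```

Running `unbound-checkconf` on the file before restarting the service catches syntax errors. Off the LAN, the laptop never reaches this server, so it gets the public record from the authoritative DNS as usual.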