38 lines
1.1 KiB
Plaintext
38 lines
1.1 KiB
Plaintext
|
server:
|
|||
|
|
do-daemonize: no
|
|||
|
|
|
|||
|
|
interface: 0.0.0.0
|
|||
|
|
interface: ::
|
|||
|
|
access-control: 172.31.0.0/16 allow
|
|||
|
|
access-control: fd4a:8c4:c28b::/48 allow
|
|||
|
|
|
|||
|
|
log-queries: yes
|
|||
|
|
log-replies: yes
|
|||
|
|
log-servfail: yes
|
|||
|
|
logfile: ""
|
|||
|
|
|
|||
|
|
local-zone: "31.172.in-addr.arpa" nodefault
|
|||
|
|
local-zone: "d.f.ip6.arpa" nodefault
|
|||
|
|
|
|||
|
|
domain-insecure: "example"
|
|||
|
|
domain-insecure: "31.172.in-addr.arpa"
|
|||
|
|
domain-insecure: "b.8.2.c.4.c.8.0.a.4.d.f.ip6.arpa"
|
|||
|
|
|
|||
|
|
# Pour une raison que j’ignore, mettre stub-addr: 127.0.0.1@1053 entraîne
|
|||
|
|
# un SERVFAIL. On dirait qu’unbound n’arrive pas à communiquer avec nsd.
|
|||
|
|
# Il faut que nsd écoute sur toutes les interfaces dans le conteneur et
|
|||
|
|
# que, dans la configuration d’unbound, le stub-addr soit l’IP privée et pas
|
|||
|
|
# la boucle locale, pour que ça marche.
|
|||
|
|
|
|||
|
|
stub-zone:
|
|||
|
|
name: "example"
|
|||
|
|
stub-addr: 172.31.0.53@1053
|
|||
|
|
|
|||
|
|
stub-zone:
|
|||
|
|
name: "31.172.in-addr.arpa"
|
|||
|
|
stub-addr: 172.31.0.53@1053
|
|||
|
|
|
|||
|
|
stub-zone:
|
|||
|
|
name: "b.8.2.c.4.c.8.0.a.4.d.f.ip6.arpa"
|
|||
|
|
stub-addr: 172.31.0.53@1053
|