In our internal network we have multiple VMs, and they have hostnames like vm1.mycompany.com. I’ve added vm1 to the ipcop DHCP with the static address 192.168.x.y and added that IP and name to the ipcop “hosts” file via the web interface. However, some subdomains like dmz.mycompany.com are also resolvable worldwide, as they point to e.g. our DMZ. We use our own nameserver (ns.example.com) for the zone mycompany.com.
That works fine most of the time. The problem now is that suddenly ipfire tries to resolve vm1.mycompany.com via our nameserver, and it responds with NXDOMAIN, of course. Restarting unbound via ssh on ipcop solves the problem temporarily.
But from my understanding it shouldn’t use unbound at all, because ipcop already knows the address from the “/etc/hosts”?! Internal hosts and zones should be top priority.