Hi everybody,
I just came across the fact that unbound by default answers “nxdomain” on queries about private (RFC1918) IPs. My solution: I added a file like /etc/unbound/local.d/rfc1918.conf:
server:
interface: 0.0.0.0
interface-automatic: yes
access-control: 10.0.0.0/16 allow
access-control: 127.0.0.0/8 allow
access-control: 172.16.0.0/12 allow
access-control: 192.168.0.0/16 allow
verbosity: 1
local-zone: "10.in-addr.arpa." nodefault
local-zone: "16.172.in-addr.arpa." nodefault
local-zone: "17.172.in-addr.arpa." nodefault
local-zone: "18.172.in-addr.arpa." nodefault
local-zone: "19.172.in-addr.arpa." nodefault
local-zone: "20.172.in-addr.arpa." nodefault
local-zone: "21.172.in-addr.arpa." nodefault
local-zone: "22.172.in-addr.arpa." nodefault
local-zone: "23.172.in-addr.arpa." nodefault
local-zone: "24.172.in-addr.arpa." nodefault
local-zone: "25.172.in-addr.arpa." nodefault
local-zone: "26.172.in-addr.arpa." nodefault
local-zone: "27.172.in-addr.arpa." nodefault
local-zone: "28.172.in-addr.arpa." nodefault
local-zone: "29.172.in-addr.arpa." nodefault
local-zone: "30.172.in-addr.arpa." nodefault
local-zone: "31.172.in-addr.arpa." nodefault
local-zone: "168.192.in-addr.arpa." nodefault
Now I can add DNS redirection for such zones in the WUI like
1.168.192.in-addr.arpa. → e.g. 192.168.1.100
This may also help with an old topic from 2021 (Local DNS (reverse) lookup not working on forwarded zones) .
Any objections? Did I break anything ;-)?
All the best
Dirk