Alexander Chekalin
2015-07-10 10:08:13 UTC
Hello,
I am trying to create a slightly strange setup. I use unbound as a caching server
and it works fine. Then, I need it to resolve only a limited set of
domains, so I add something like:
    do-not-query-address: 127.0.0.0/8
    forward-zone:
        name: "incapdns.net."
        forward-addr: 8.8.8.8
        forward-addr: 8.8.4.4
    forward-zone:
        name: "."
        forward-addr: 127.0.0.255
to the config and all that unbound can resolve is the incapdns.net domain.
Now the tricky part. In our company we have a domain that is on
external DNSes and it works fine but I need to have several records
modified. Say, if you query for mail.domain.com from outside it answers
you with the IP of our office but if you query the same name from inside the
LAN it should answer you with the LAN address of the mail server.
So what I'd like to do is to have something like that:
    local-zone: "domain.com" typetransparent
    local-data: "mail.domain.com A 192.168.17.2"
but this won't work.
How can I create the setup I need? I understand this is the case where
a split zone fits nicely but then I'll need to maintain the whole zone
both remotely and locally, and I'd like to forward it to the zone's DNSes
for all records except those that I have locally.
Thank you in advance,
Alexander