forward to internal private server? about hblock-resolver HOT 5 OPEN

Not the base way to do it i bet but it works.

mount in docker compose

• ./kresd4.conf.d/065-local-domains.conf:/etc/knot-resolver/kresd.conf.d/065-local-forward.conf

-- Forward local DNS queries to local domain server.

internalDomains = policy.todnames(
{'your.domain.local',
'10.in-addr.arpa',
'172.in-addr.arpa',
'168.192.in-addr.arpa',
'0.0.f.f.c.1.4.2.5.d.1.9.d.f.ip6.arpa'}
)
policy.add(policy.suffix(policy.FLAGS({'NO_CACHE'}), internalDomains))
policy.add(policy.suffix(policy.FLAGS({'NO_EDNS'}), internalDomains))
policy.add(policy.suffix(policy.STUB({'192.168.91.50'}), internalDomains))

-- needed to allow internal domains
modules.unload('rebinding')

from hblock-resolver.

--mount type=bind,src=/etc/knot-resolver/local.conf,dst=/etc/knot-resolver/kresd.conf.d/090-policy-forward.conf \

cat local.conf

policy.add( policy.all(
policy.FORWARD( {'99.88.77.66@53'})))

I tried to work out the lua code to parse the env.. (not knowing lua..)

Stopped the timer at :30.. here we are..

from hblock-resolver.

This project is currently set up to forward queries to DoT servers.

But you can easily change this by replacing the 090-policy-forward.conf file as you are doing now. I see the change you made to that file is correct. It doesn't work?

By the way, I just replaced my custom Caddy fork with the official Traefik image in the deployment examples.

from hblock-resolver.

Thank you .. that looks better than mine..

Also..

-- turns off DNSSEC validation
trust_anchors.remove('.')

Usually I do this as I'm using NextDNS upstream and they do dnssec..

will test but:

trust_anchors.remove('your.domain.local.', '10.in-addr.arpa.', 'etc..' )

I never found the rebinding.. I wonder if that was other problems I was having..

Thank you..

from hblock-resolver.

Ah i use the knot DNS inside a container along side this one to host my own internal zones.
Knot DNS fixes the DNSSEC part.

from hblock-resolver.