Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DNS Resolver and Domain Overrides

    Scheduled Pinned Locked Moved
    DHCP and DNS
    7
    23
    16.9k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      phil.davis
      last edited by

      The Domain Overrides should end up in /var/unbound/domainoverrides.conf
      Have a look in there and check that it has reasonable content.
      After that, in DNS Resolver, Advanced Settings, you can set the "Log level verbosity". Then do "nslookup" from a client and see what comes in the DNS Resolver log. It might give some hints about why the resolver request is not being sent to where you expect.
      So far I have only used Domain Overrides for internal domains, pointing to internal authoritative DNS servers, so I can't confirm if there is an issue with domain overrides to public DNS servers.

      As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
      If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

      1 Reply Last reply Reply Quote 0
      • G
        gjaltemba
        last edited by

        @soloam:

        Domain Overrides:

        • Domain: thepiratebay.se
        • IP: 199.27.135.8

        I believe the entry should be in Host Override. 199.27.135.8 is a your target ip. Domain overrides specify the ip for a DNS server.

        1 Reply Last reply Reply Quote 0
        • SoloamS
          Soloam
          last edited by

          /var/unbound/domainoverrides.conf

          stub-zone:
	name: "thepiratebay.se"
	stub-addr: 199.27.135.8
	stub-prime: no
          1 Reply Last reply Reply Quote 0
          • P
            phil.davis
            last edited by

            Yes, here are some nslookup results:

            Non-authoritative answer:
Name:    thepiratebay.se
Addresses:  2400:cb00:2048:1::c71b:8708
          2400:cb00:2048:1::c71b:8608
          199.27.134.8
          199.27.135.8

            Non-authoritative answer:
Name:    www.thepiratebay.se
Addresses:  2400:cb00:2048:1::c71b:8608
          2400:cb00:2048:1::c71b:8708
          199.27.134.8
          199.27.135.8

            But maybe the DNS server for thepiratebay.se is at 199.27.135.8 as well as the web site itself.

            As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
            If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

            1 Reply Last reply Reply Quote 0
            • G
              gjaltemba
              last edited by

              If it is then it is down at the moment

              nslookup

              server  199.27.134.8
              Default server: 199.27.134.8
              Address: 199.27.134.8#53
              thepiratebay.se
              ;; connection timed out; no servers could be reached

              1 Reply Last reply Reply Quote 0
              • C
                cmb
                last edited by

                @soloam:

                /var/unbound/domainoverrides.conf

                stub-zone:
	name: "thepiratebay.se"
	stub-addr: 199.27.135.8
	stub-prime: no

                That's correct if 199.27.135.8 actually answered DNS queries. It doesn't. If it ever responded with that config, it was at a time when that IP actually resolved DNS, and it doesn't now. Nothing to do with DNS Resolver or Forwarder, that's just not a valid config.

                1 Reply Last reply Reply Quote 0
                • SoloamS
                  Soloam
                  last edited by

                  Hello all, the problem is solved, I changed the rule from Domain Overrides to Host Overrides and all started working again. I don't know what is wrong with Domain Overrides but now it's working

                  Thank You for all your help
                  Best Regards

                  1 Reply Last reply Reply Quote 0
                  • GruensFroeschliG
                    GruensFroeschli
                    last edited by

                    With a Domain Override you override the default DNS server with a specific one for a specific domain.

                    With Host Overrides you change the way you resolve domains locally.

                    We do what we must, because we can.

                    Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

                    1 Reply Last reply Reply Quote 0
                    • SoloamS
                      Soloam
                      last edited by

                      From what you say, it looks that what I would what is the Domain Override, but I had to change it. In the DNS Forwarder I had it working with the Domain Override. I'll try to find the problem so that I can get it back working with the Domain Override.

                      Thank You

                      1 Reply Last reply Reply Quote 0
                      • C
                        cmb
                        last edited by

                        With the domain override, you're telling it "to lookup queries for *.thepiratebay.se, use DNS server at 199.27.135.8". Since 199.27.135.8 doesn't reply to DNS, that doesn't work.

                        When you add a host override for thepiratebay.se with 199.27.135.8, that tells the system "resolve thepiratebay.se as 199.27.135.8". That overrides it locally without needing any other server for resolution.

                        The first, as 199.27.135.8 is currently configured, would never have worked because it doesn't reply to DNS.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.