Different forwarder based on source IP address that makes DNS query

[iz8mbw]

Hi all. It will be nice if in unbound is possible to specify different (multiple) forwarder (forward-addr) based on the source IP that makes the query.

For example: Leave 1.1.1.1 and 1.0.0.1 as default forward-addr Specify as forward-addr 1.1.1.2 if the source IP are 192.168.1.2 and 192.168.1.3 Specify as forward-addr 1.1.1.3 if the source IP are 192.168.1.4 and 192.168.1.5 Specify as forward-addr 8.8.8.8 if the source Network IP is 10.10.10.0/24

Is it already possible to do that?

Thank you!

[ralphdolmans]

Is it already possible to do that?

The selection of the forward address to use based on the client source address is currently not supported in Unbound.

We, for some time already, have the idea to extend the current view support with stub- and forward-zones to make this possible. This is, however, quite a big feature to implement, as this requires to have a cache per view. Implementing this is not something we have currently scheduled for the near future.

[dyunwei]

The feature is cool, look forward to using it in the near future.

[iz8mbw]

@ralphdolmans @wcawijngaards guys any news about that? Many thanks for you work!!

[jeanseb6wind]

Hello, any news about this feature ?

[Cidan]

I also would like this feature to be implemented. Unbound is the DNS resolver used in pfSense, and using this feature would make safe family filtering much easier to setup.

[9r00t-z]

:+1:

[OGrigorios]

This feature would help me to implement Unbound as the backbone DNS in our company. For example: Unbound would forward queries send by remote clients, to the VPN DNS server and If queries come from within the local LAN, it would forward the queries to the other DNS server, returning non VPN IP-Addresses.

[Arut42]

3 years have passed, are there already plans?

[wcawijngaards]

Vague future plans for improvement in allowing more configuration options exist. This can be found on plans into the further future developments.