I'm actually trying to create a DNS resolver for my local network, to do so, I choosed to use unbound, so I installed it on an Arch Linux server, and it's working, but only for the local machine (127.0.0.1), not for the network (I want to open it to IP in the range 192.168.0.1-192.168.0.30, which I think correspond to 192.168.0.0/27), but I can't find what's wrong with my configuration file, the resolver simply respond when I do "dig @127.0.0.1 example.com" or "dig @192.168.0.2 example.com" on the local machine but not when I do it on other computer of the network (which is 192.168.0.4, if you want to know), I get no error from unbound, it simply don't seem to get the request from the computer which is part of the local network.
Here is the config file I use :
server:
# Maximum verbosity
verbosity: 5
# Answer queries from
# The local machine
interface: 127.0.0.1
interface: ::1
# The local machine on the network
interface: 192.168.0.2
# Default DNS port
port: 53
# Save in cache for an hour to a day
cache-min-ttl: 3600
cache-max-ttl: 86400
# Enable IPv4, IPv6, UDP and TCP requests
do-ip4: yes
do-ip6: yes
do-udp: yes
do-tcp: yes
# Launch in a deamon (temporarily disabled)
# do-daemonize: yes
# Deny all the Internet (temporarily refuse)
access-control: 0.0.0.0/0 refuse
access-control: ::0/0 refuse
# Allow localhost
access-control: 127.0.0.1 allow
access-control: ::1 allow
# Allow network from 192.168.0.0 to 192.168.0.30
access-control: 192.168.0.0/27 allow
access-control: 2001:db8::/108 allow
# List of DNS root zone (automatically downloaded every 5 days with a CRON)
root-hints: "named.cache"
# Hide identity and version
hide-identity: yes
hide-version: yes
# Localhost
private-address: 127.0.0.1
private-address: ::1
# Network
private-address: 192.168.0.0/27
private-address: 2001:db8::/108
# Prevent from resolving network IPs
do-not-query-address: 192.168.0.0/27
do-not-query-localhost: yes
# Prefetch old-cached DNS responses
prefetch: yes
Thanks in advance for your responses.
Best Answer
Check whether you have a firewall running. That would allow the local answers but inbound queries would be dropped.