local_unbound and dnscrypt-proxy
Joseph Mingrone
jrm at ftfl.ca
Sun Nov 2 04:52:27 UTC 2014
Hi,
I just upgraded to from 9-STABLE to 10-STABLE. On 9-STABLE I used
dnscrypt-proxy along with unbound from ports. I'm trying to reproduce
the old setup with the local_unbound included in FreeBSD 10. My current
configuration is below. If I comment out «include: /var/unbound/forward.conf» from
unbound.conf, resolving works, so it seems local_unbound is working OK.
If I change /etc/resolv.conf to use «nameserver 127.0.0.2»
(dnscrypt-proxy) instead of 127.0.0.1 (unbound) resolving works. So it
seems the forwarding is not working. Am I missing something?
Also, I have to comment out «unbound_conf="/var/unbound/forward.conf"»
from /etc/resolvconf.conf, otherwise forward.conf gets blanked.
Thanks,
Joseph
% cat /var/unbound/unbound.conf
server:
auto-trust-anchor-file: /var/unbound/root.key
directory: /var/unbound
do-not-query-localhost: no
chroot: /var/unbound
pidfile: /var/run/local_unbound.pid
username: unbound
use-syslog: yes
verbosity: 1
#include: /var/unbound/forward.conf
include: /var/unbound/lan-zones.conf
include: /var/unbound/conf.d/*.conf
% cat /var/unbound/forward.conf
forward-zone:
name: "."
forward-addr: 127.0.0.2 at 53
% cat /etc/resolvconf.conf
resolv_conf="/dev/null" # prevent updating /etc/resolv.conf
#unbound_conf="/var/unbound/forward.conf"
unbound_pid="/var/run/local_unbound.pid"
unbound_service="local_unbound"
unbound_restart="service local_unbound reload"
More information about the freebsd-questions
mailing list