Michael Powell nightrecon at hotmail.com
Wed Aug 19 00:00:16 UTC 2015

Antoine Kallab wrote:

> Hi all,
> I can't seem to get unbound to resolve DNS requests coming from any
> machine other than localhost. I am not sure what I'm doing wrong, and
> would appreciate some guidance.
> The other computer that's asking for resolution has an IP address of
> It can ping Internet IP addresses, it just can't resolve domain names.
> Its address, DNS, and gateway settings are all being handled by the
> DHCP server also running on my BSD server.
> (It felt impolite dumping all of my files into an E-Mail, so I put
> them on Pastebin. Hope that's okay)
> Here's my /var/unbound/unbound.conf:
> http://pastebin.com/ZKqsn5dV
> The relevant sections of my /etc/rc.conf that deal with setting
> addresses for the NICs:
> http://pastebin.com/n5RxzePF
> Here is my /usr/local/etc/dhcpd.conf:
> http://pastebin.com/CQydK4MC
> I double and triple checked to make sure my firewall wasn't getting in the
> way. But just in case, here's my /etc/pf.conf:
> http://pastebin.com/Ews1t9QN

I just began looking at replacing Bind, since the last portupgrade to the
latest and greatest broke the named chroot environment which has served me
well for so long. Waiting to see if it is going to be fixed, or if bind is
going to be ignored from now on. Hedging my bets with a plan B.

The unbound that ships with the OS is really only designed to be a resolver 
for the local machine, at least as far as I know at this point in my meager 
research. If you need services more like you may have been accustomed to 
with Bind you may wish to take a look at the unbound in the ports tree:
/usr/ports/dns/unbound. Didn't know about this one until some wise chap on
irc hit me with the clue bat.


