FreeBSD recommends not using base unbound for an authoritative server

jungle Boogie jungleboogie0 at gmail.com
Wed Mar 18 19:05:23 UTC 2015


Hi Bato,
On 17 March 2015 at 17:46, Baho Utot <baho-utot at columbus.rr.com> wrote:
>
>
> On 03/17/15 19:28, Stephen R Guglielmo wrote:
>>
>> On Tue, 17 Mar 2015 16:25:09 -0700
>> Chris Stankevitz <chrisstankevitz at gmail.com> wrote:
>>>
>>> For the same reasons, I'd like to run the base system's unbound to
>>> authoritatively host my DNS... but FreeBSD is discouraging me in
>>> section 29.7.2 of the manual.  Why the discouragement?
>>
>> Unbound is only a validating caching resolver. It *can't* be
>> authoritative.
>
>
> I am using unbound as an authoritative DNS resolver for my home network,  it
> also is the caching resolver.

> It runs on a raspberry pi under FreeBSD 11.

Does that mean you're using it to resolve hostnames on your local
network, or is your raspberry pi actually resolving example.com for
requests?
If it's the former, that means you're adding A records in unbound.conf
and then setting your clients to raspberry pi IP in /etc/resolv.conf

If it's the latter, hopefully you have a backup NS and it's something
a) outside of your home where the raspberry pi is and b) something
more substantial than the raspberry pi.

See:
https://unbound.net/pipermail/unbound-users/2008-May/000063.html

>
>
>
>


-- 
-------
inum: 883510009027723
sip: jungleboogie at sip2sip.info
xmpp: jungle-boogie at jit.si


More information about the freebsd-questions mailing list