prevent unbound from attempting to contact root servers?
A. Schulze
sca at andreasschulze.de
Thu Nov 17 15:32:02 UTC 2016
Sonic via Unbound-users:
> On Wed, Nov 16, 2016 at 3:21 PM, James Ralston via Unbound-users
> <unbound-users at unbound.net> wrote:
>> module-config: "iterator"
>
> On the systems where I'm using just 'module-config: "iterator"' there
> is no root.hints or named.cache file and no attempt is made by unbound
> to contact the root servers.
I use to let module-config to whatever is unbound's default. I don't
mention it in unbound.conf
On a stupid forwarder without DNSSEC validation I use something like this:
forward-zone:
name: "."
forward-addr: 192.0.53.53
server:
local-zone: "10.in-addr.arpa." transparent
ip-address: 127.0.0.1
do-ip6: no
chroot: /chroot/unbound
do-daemonize: no
logfile: ""
pidfile: ""
remote-control:
control-enable: yes
control-interface: /run/unbound.control-interface
control-use-cert: no
Andreas
More information about the Unbound-users
mailing list