dynamic ip host & auto dns changes
Jan Komissar (jkomissa)
jkomissa at cisco.com
Mon Sep 18 20:23:54 UTC 2017
1. Unbound does not use resolv.conf nor does it depend on your ISP name servers. Instead it does its own DNS resolution by querying internet name servers starting with the DNS root zone. Local zones are looked up before any resolution happens.
2. If you must use your ISP name servers, you must configure a forward-zone option for the root zone (.) pointing to them, and then you need to detect when the ISP name server address(es) change(s) and use the unbound-control forward_remove and forward_add commands to change the settings. (My ISPs have rarely, if ever, changed their DNS server addresses, there is hardly ever a reason to do that. I would just set up the forward-zone and handle DNS changes manually, maybe write a script to translate resolv.conf nameservers to unbound-control commands.)
On 9/18/17, 3:05 PM, "Unbound-users on behalf of Ernie Luzar via Unbound-users" <unbound-users-bounces at unbound.net on behalf of unbound-users at unbound.net> wrote:
A. Schulze via Unbound-users wrote:
> Am 18.09.2017 um 14:57 schrieb Ernie Luzar via Unbound-users:
>> Hello list.
>> I have installed the unbound port on Freebsd release 11.1. My host gets
>> an dynamic ip address assigned from the ISP service I am using. This is
>> all very common and normal. But as we all know, the ISP can change not
>> only the assigned ip address on the fly but also the dns servers ip
>> addresses. When this occurs the /etc/resolv.conf file gets updated
>> automatically on the fly.
>> From reading about unbound I get the concept that unbound is designed
>> for hosts that have static ip addresses. IE; the dns ip addresses have
>> to be manually placed in /etc/resolv.conf and will not change without
>> prior written notice.
>> For this usage /etc/resolv.conf get populated with
>> "nameserver 127.0.0.1"
>> and unbound.conf needs the forward-zone: section with the static dns ip
> which "static dns ip address" do you like to see there?
>> Now my question is, is there any way to configure unbound so when the
>> dynimic dns ip addresses change unbound will contuine to work
>> automatically. IE; no human manual editing of the unbound.conf file.
> simply do no forwarding at all. Let unbound do it's job:
> - offer recursiver resolution on 127.0.0.1
> - resolve names as usual from the root
> You're not required to *use* the ISP's dnsserver even if they are offered.
I think maybe I was un-clear. Most of the original post is describing
the differences between how the /etc/resolv.conf file is populated based
on the host having a static or dynamic ip address.
Asking my question a different way.
How doe's unbound interact with the hosts /etc/resolv.conf file?
How do dns requests arriving at the host from the LAN get directed first
to unbound "local-zone: fqdn always_nxdomain" list and then use the
"nameservers x.x.x.x" listed in the hosts /etc/resolv.conf file to
complete the dsn request?
Please provide example of the unbound.conf statements to get this to happen.
More information about the Unbound-users