Feature request

Tony Finch dot at dotat.at
Mon Mar 11 13:08:43 UTC 2019

Yuri via Unbound-users <unbound-users at nlnetlabs.nl> wrote:
> For DNS interception (to Unbound, of course) I'm using PBR:
> ip access-list extended intercept-ports
>  permit udp any any eq domain
>  permit tcp any any eq domain
>  deny   ip any any
> !
> !
> route-map redirect_dns permit 30
>  match ip address intercept-ports
>  set ip next-hop
> !
> which processes on router CPU and sometimes overload them.

That sounds to me like something that should be solvable with a
configuration fix. Maybe this?

f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
Sole, Lundy, Fastnet: Southwest veering west later, 6 to gale 8, occasionally
severe gale 9. Very rough, occasionally high. Occasional rain. Good
occasionally poor.

More information about the Unbound-users mailing list