Unbound stop root server lookup
jabley at hopcount.ca
Thu Sep 5 21:58:23 UTC 2019
> On Sep 5, 2019, at 16:23, Guevara, Daniel via Unbound-users <unbound-users at nlnetlabs.nl> wrote:
> Rather than putting rules for all 26 root servers (both udp and tcp on port 53), it was easier for me to test by allowing all outbound (0.0.0.0/0) on port 53.
A minor correction; 13 root servers but 26 root server addresses (each
currently has one IPv4 and one IPv6 address).
Note also that the root servers are not the only things you need to be
able to reach if you want your nameserver to operate with full
recursive lookups and you want to be able to resolve things outside
the root, arpa and root-servers.net zones.
More information about the Unbound-users