should resolve names to ip addresses
log reports all queries come back with dnssec == BOGUS
84v805797v
This must be something simple that I am not understanding. I'm configured for OpenDNS upstream -- do they not support DNSSEC?
Sorry for the interruption. It appears that OpenDNS don't support DNSSEC. I assumed they did, since they are a pretty big player. My bad.
if you would like decent DNSSEC check out this article Redirecting... Been running it myself for just over a week and speeds and security are perfect
What does unbound use for upstream DNS? Couldn't figure that out looking at the article or the .conf file. I use OpenDNS for other reasons, and since they don't support DNSSEC, it seems like it would be moot. They do support DNSCrypt.
unbound is its own resolver thus giving you FULL control over your own DNS queries basically unbound becomes your upstream and doesn't need anything further upstream to function properly
So reading further, it always consults authoritative servers, which means it wouldn't use OpenDNS, and I am using some of the "value add" that OpenDNS provides, so that seems like a non-starter in my case.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.