Date: Sun, 02 Nov 2014 01:52:08 -0300 From: Joseph Mingrone <jrm@ftfl.ca> To: freebsd-questions@freebsd.org Subject: local_unbound and dnscrypt-proxy Message-ID: <86lhnup5l3.fsf@gly.ftfl.ca>
next in thread | raw e-mail | index | archive | help
Hi,
I just upgraded to from 9-STABLE to 10-STABLE. On 9-STABLE I used
dnscrypt-proxy along with unbound from ports. I'm trying to reproduce
the old setup with the local_unbound included in FreeBSD 10. My current
configuration is below. If I comment out «include: /var/unbound/forward.conf» from
unbound.conf, resolving works, so it seems local_unbound is working OK.
If I change /etc/resolv.conf to use «nameserver 127.0.0.2»
(dnscrypt-proxy) instead of 127.0.0.1 (unbound) resolving works. So it
seems the forwarding is not working. Am I missing something?
Also, I have to comment out «unbound_conf="/var/unbound/forward.conf"»
from /etc/resolvconf.conf, otherwise forward.conf gets blanked.
Thanks,
Joseph
% cat /var/unbound/unbound.conf
server:
auto-trust-anchor-file: /var/unbound/root.key
directory: /var/unbound
do-not-query-localhost: no
chroot: /var/unbound
pidfile: /var/run/local_unbound.pid
username: unbound
use-syslog: yes
verbosity: 1
#include: /var/unbound/forward.conf
include: /var/unbound/lan-zones.conf
include: /var/unbound/conf.d/*.conf
% cat /var/unbound/forward.conf
forward-zone:
name: "."
forward-addr: 127.0.0.2@53
% cat /etc/resolvconf.conf
resolv_conf="/dev/null" # prevent updating /etc/resolv.conf
#unbound_conf="/var/unbound/forward.conf"
unbound_pid="/var/run/local_unbound.pid"
unbound_service="local_unbound"
unbound_restart="service local_unbound reload"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86lhnup5l3.fsf>