Hello folks,
observing quite a strange thing:
having two specific DNSSEC NS in OPNsense/System/Settings/General with the option "Allow DNS server list to be overridden by DHCP/PPP on WAN" disabled.
The problem is that in the tcpdump I can see the localhost is actually requesting addresses from many more public NS than from those two specified.
Does any of you have an idea why this is happening and how to achieve strictly requesting only the specified upstream NS?
Many thanks!
UPDATE: all right, stupid me - there is the "Use system nameservers" in the Services/Unbound DNS/Query Forwarding section which does what I want to achieve.
That is because Unbound is a full DNS resolver. If you do not want that:
Check Services: Unbound DNS: Query Forwarding -> Use System Nameservers
You can also provide a specific DNS forward with an empty domain on the same page.
Quote from: meyergru on May 22, 2025, 03:44:01 PM
That is because Unbound is a full DNS resolver. If you do not want that:
Check Services: Unbound DNS: Query Forwarding -> Use System Nameservers
You can also provide a specific DNS forward with an empty domain on the same page.
Yep, found that by myself too, but thank you very much for spending time to reply, highly appreciated!
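
A way to confirm the setting took effect, as an added example that is not part of any post in this thread: the script below reads `tcpdump -n` text output captured on the WAN interface and counts DNS queries sent to any server outside an allowlist. The allowlist, the sample capture lines and all addresses in them are constructed placeholders from documentation ranges, and the function names are hypothetical.

```python
import ipaddress
import re
from collections import Counter

# Assumed upstream resolvers (constructed placeholders; substitute the two
# servers configured under System > Settings > General).
ALLOWED = {"192.0.2.53", "192.0.2.54"}

# Matches `tcpdump -n` lines: "<time> IP|IP6 <src>.<port> > <dst>.<port>: ..."
LINE_RE = re.compile(r"^\S+ IP6? (\S+) > (\S+): ")

# Constructed sample capture: one forwarded query with its reply, then three
# queries that a recursing (non-forwarding) resolver would send elsewhere.
SAMPLE = """\
12:00:00.100000 IP 198.51.100.2.41000 > 192.0.2.53.53: 4242+ [1au] A? example.org. (40)
12:00:00.120000 IP 192.0.2.53.53 > 198.51.100.2.41000: 4242 1/0/1 A 203.0.113.80 (56)
12:00:01.200000 IP 198.51.100.2.41001 > 203.0.113.4.53: 5151 [1au] NS? . (28)
12:00:01.300000 IP 198.51.100.2.41002 > 203.0.113.4.53: 5152 [1au] A? example.org. (40)
12:00:01.400000 IP6 2001:db8::2.41003 > 2001:db8:ffff::30.53: 5153 [1au] A? example.org. (40)
""".splitlines()

def split_endpoint(endpoint):
    """Split tcpdump's 'address.port' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(".")
    return ipaddress.ip_address(host), int(port)

def unexpected_upstreams(lines, allowed=ALLOWED, port=53):
    """Return {destination: query count} for DNS queries to non-allowed servers."""
    allowed_ips = {ipaddress.ip_address(a) for a in allowed}
    hits = Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        try:
            dst, dport = split_endpoint(m.group(2))
        except ValueError:
            continue  # no numeric port (e.g. ICMP line, or capture taken without -n)
        # Replies have a high destination port; loopback is client -> Unbound.
        if dport != port or dst.is_loopback:
            continue
        if dst not in allowed_ips:
            hits[str(dst)] += 1
    return dict(hits)

if __name__ == "__main__":
    for server, count in sorted(unexpected_upstreams(SAMPLE).items()):
        print(f"{count:4d} queries to unexpected server {server}")
```

An empty result on a fresh capture means every outbound query went to the listed servers only.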