Hello,
Just wondering what is considered the best practice for local DNS resolution when using Unbound and dnsmasq together: Unbound running as primary resolver on port 53 and forwarding to dnsmasq on some other port for the local domain? Or vice versa, i.e. dnsmasq on port 53 forwarding non-local queries to Unbound? I'm currently using the latter setup (dnsmasq 53 --> Unbound 5353) but am wondering if the other setup (Unbound 53 --> dnsmasq 5353) would be better in some way. The documentation includes both options as valid.
I recall having some issues when I initially tried Unbound --> dnsmasq, specifically Unbound sometimes randomly stopped forwarding local queries to dnsmasq, but that was in the early days of the transition away from ISC DHCP, so it may have been a bug that has since been fixed.
For the Unbound --> dnsmasq case, what happens for queries to local non-FQDN host names? For example, if my local domain is home.lan, I would configure Unbound to forward queries for home.lan to dnsmasq; so queries for my-pc.home.lan (for example) would be properly forwarded, no problem there. But what about non-FQDN queries to my-pc without a domain? How would Unbound know to forward those as well?
Thanks!
Read this section from start to finish; it answers all questions, with examples.
https://docs.opnsense.org/manual/dnsmasq.html#dhcpv4-with-dns-registration