Unbound: DNS requests to unspecified NS servers

Started by strfr, May 22, 2025, 03:27:56 PM

May 22, 2025, 03:27:56 PM Last Edit: May 22, 2025, 03:42:48 PM by strfr
Hello folks,

observing quite a strange thing:
having two specific DNSSEC NS in the OPNsense/System/Settings/General with the option "Allow DNS server list to be overridden by DHCP/PPP on WAN" disabled.

The problem is that in the tcpdump I can see the localhost is actually requesting addresses from many more public NS than from those two specified.

Do any of you have an idea why this is happening and how to strictly query only the specified upstream NS?

Many thanks!

UPDATE: all right, stupid me - there is the "Use system nameservers" in the Services/Unbound DNS/Query Forwarding section which does what I want to achieve.

May 22, 2025, 03:44:01 PM #1 Last Edit: May 22, 2025, 03:45:39 PM by meyergru
That is because Unbound is a full DNS resolver. If you do not want that:

Check Services: Unbound DNS: Query Forwarding -> Use System Nameservers

You can also provide a specific DNS forward with an empty domain on the same page.
Intel N100, 4* I226-V, 2* 82559, 16 GByte, 500 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+

Quote from: meyergru on May 22, 2025, 03:44:01 PM
That is because Unbound is a full DNS resolver. If you do not want that:

Check Services: Unbound DNS: Query Forwarding -> Use System Nameservers

You can also provide a specific DNS forward with an empty domain on the same page.

Yep, found that by myself too, but thank you very much for spending time to reply, highly appreciated!
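
One way to confirm that forwarding is in effect, as an added example that is not part of the original thread: the script reads `tcpdump -n` text output and counts port-53 queries the firewall itself sends to servers outside an allow-list. All addresses and sample lines are constructed placeholders (documentation ranges), and plain DNS on port 53 is assumed.

```python
import re
import sys
from collections import Counter

# Constructed placeholders (RFC 5737 documentation addresses), not values from the thread.
ALLOWED_UPSTREAMS = {"198.51.100.1", "198.51.100.2"}   # the two configured upstream NS
LOCAL_ADDRS = {"192.0.2.10", "127.0.0.1"}              # addresses of the firewall itself

# tcpdump -n text line: "<ts> IP <src>.<sport> > <dst>.<dport>: <dns summary>"
LINE_RE = re.compile(r"^\S+ IP6? (\S+)\.(\d+) > (\S+)\.(\d+): (.*)$")
# Query summary: "<id>[+%] [opts] <TYPE>? <name>" ('+' = RD set, '%' = CD set)
QUERY_RE = re.compile(r"^\d+[+%]*\s.*?\b([A-Z0-9]+)\? (\S+)")

def off_list_queries(lines, allowed=ALLOWED_UPSTREAMS, local=LOCAL_ADDRS):
    """Count DNS queries sent by this host to servers outside the allow-list."""
    hits = Counter()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        src, _sport, dst, dport, summary = m.groups()
        # Only outbound queries from the firewall; replies have an ephemeral dport.
        if dport != "53" or src not in local:
            continue
        if QUERY_RE.match(summary) and dst not in allowed and dst not in local:
            hits[dst] += 1
    return hits

# Constructed capture: resolver mode shows queries going to servers other than
# the configured upstreams (root/TLD/authoritative servers in a real capture).
SAMPLE = """\
15:30:01.000001 IP 192.0.2.10.40001 > 198.51.100.1.53: 1111+ [1au] A? example.com. (40)
15:30:01.020001 IP 198.51.100.1.53 > 192.0.2.10.40001: 1111 1/0/1 A 203.0.113.80 (56)
15:30:02.000001 IP 192.0.2.10.40002 > 203.0.113.53.53: 2222% [1au] NS? . (28)
15:30:02.500001 IP 192.0.2.10.40003 > 203.0.113.54.53: 3333% [1au] A? example.org. (40)
15:30:03.000001 IP 192.0.2.10.40004 > 203.0.113.53.53: 4444% [1au] DNSKEY? org. (32)
15:30:04.000001 IP 192.0.2.77.40005 > 203.0.113.99.53: 5555+ A? example.net. (29)
"""

if __name__ == "__main__":
    # Reads a live or saved capture from stdin; falls back to the sample on a TTY.
    source = SAMPLE.splitlines() if sys.stdin.isatty() else sys.stdin
    for server, count in off_list_queries(source).most_common():
        print(f"{count:5d} queries to non-configured server {server}")
```

With forwarding enabled and the allow-list set to the real upstream addresses, the script should print nothing for traffic captured on the WAN interface.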