Ramblings on switching to dnsmasq from isc

Started by MildDisaster, May 24, 2025, 02:30:25 AM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
May 25, 2025, 02:38:49 AM #15
Quote from: Monviech (Cedrik) on May 24, 2025, 02:26:52 PMThough this is the case with all of what Opnsense offers, just look at the complexity of firewalling and NAT. Some meticulously craft their rulesets, others will go for any any any
which is an important reminder thanks.

I can understand the interest when new features like the Unbound/DNSmasq integration are released. My own network is simple in some ways, being home user(s) only, yet with different services (some public) separated vertically and horizontally with a strong emphasis on security with minimised damage from possible failure. Consequently I need to know clearly where new features fit, what are the alternatives, so I can maintain a clean and useable system. I shall keep happily batting along with Kea while looking for improvements as we always do.
Deciso DEC697
August 10, 2025, 05:18:48 PM #16
Thanks for the information in this thread.  I'm looking at all of this myself and am ... disappointed and confused.  Kea seems to have the options I want, even though I'm a small user, but no dynamic mappings with Unbound? Really?  Deal breaker.

That leaves me with Dnsmasq. I'm not a super-high, or even mid-level network guy so I'm struggling to understand Dnsmasq's DNS vs Unbound, or even how to forward it to Unbound.  I guess I'm old, coming from hand editing bind conf files - I find the OpnSense configuration options for Dnsmasq to be extremely confusing and am even unsure if it offers dynamic mappings.

I tried searching: does anyone have a simple A to B guide to move things over?
Print
Go Up Pages 1 2
User actions