Unbound vs Dnsmasq

Started by spetrillo, May 29, 2019, 03:04:42 AM

Being a newbie with OPNsense I am trying to determine what comes with the default install. I noticed that Unbound DNS is enabled by default, whereas Dnsmasq is not. Is there a rationale to use one vs the other, and if you do not use the other one, should you uninstall it?

In the default modes Unbound is safer and leaks less of your privacy or at least makes it harder to be meddled with by your ISP. Some ISPs meddle so much that Unbound breaks where you have to set it to forwarder mode to keep working using your ISP's server instead of root servers.

Dnsmasq does the same thing as the Unbound forward mode, but it doesn't cache your results.

The reason we still have both in the base install is because Dnsmasq used to be the default but now it's Unbound and we don't want to break older setups by moving Dnsmasq to a plugin prematurely.


Cheers,
Franco

So I do not enable Dnsmasq and I am good...thanks!

Basically yes. If you want super light footprint forwarding, Dnsmasq might do the trick. Otherwise Unbound is the way to go these days.


Cheers,
Franco

Ahhh so what is really the difference is that Unbound is an authoritative DNS, whereas Dnsmasq will forward to an authoritative source. Now that makes sense. Staying with Unbound then.

Yes, well, almost, I think Unbound has issues with CNAME...


Cheers,
Franco