Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
RFC Unbound: CNAMES
« previous
next »
Print
Pages: [
1
]
Author
Topic: RFC Unbound: CNAMES (Read 5284 times)
ruggerio
Sr. Member
Posts: 295
Karma: 11
RFC Unbound: CNAMES
«
on:
March 19, 2018, 12:58:25 pm »
Hello,
CNAMES are commonly used in Network Environments. Could you please add the Option in unbound to add CNAME's to existing A-Records?
Thanks,
Roger
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: RFC Unbound: CNAMES
«
Reply #1 on:
March 20, 2018, 07:21:56 am »
Hi Roger,
As a starting point... CNAME support was brought in and backed out again last year:
https://github.com/opnsense/core/pull/1617#issuecomment-299665206
Not sure what the state is now, but it was done at the contributor's request over concerns with the correctness in Unbound itself.
Cheers,
Franco
Logged
ruggerio
Sr. Member
Posts: 295
Karma: 11
Re: RFC Unbound: CNAMES
«
Reply #2 on:
March 20, 2018, 07:22:13 am »
Sorry about this.
After researching lots, i found, that unbound is no 100% the choose for this.
I changed to dnsmasq, which i know from Linux, it brings the functionality.
Question: is the actual implementation from dnsmasq in opnsense using dnssec?
Thx,
Roger
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: RFC Unbound: CNAMES
«
Reply #3 on:
March 20, 2018, 07:29:50 am »
DNSSEC is not yet implemented in Dnsmasq in OPNsense so far. That was one of the reasons for switching to Unbound as the default last year, although DNSSEC had to be backed out of default installs because too many providers mess with user DNS in the first place.
Cheers,
Franco
Logged
ruggerio
Sr. Member
Posts: 295
Karma: 11
Re: RFC Unbound: CNAMES
«
Reply #4 on:
March 20, 2018, 07:41:34 am »
Thx Franco,
Do exist plans to implement dnssec in dnsmasq for opnsense?
Thx,
Roger
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: RFC Unbound: CNAMES
«
Reply #5 on:
March 20, 2018, 07:43:11 am »
Yes, why not. although I'd kindly ask for a ticket and subsequent help in testing:
https://github.com/opnsense/core/issues
Best case also help in providing the configuration bits necessary to move this along quickly.
Cheers,
Franco
Logged
ruggerio
Sr. Member
Posts: 295
Karma: 11
Re: RFC Unbound: CNAMES
«
Reply #6 on:
March 20, 2018, 08:08:47 am »
Hi Franco,
Sorry, new to those processes
add DNSSEC-Support to DNSMASQ #2275
Of course i will help testing it.
Thx
Roger
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
RFC Unbound: CNAMES