DNS server address settings using DNS resolver

  • Been trying for some time to use DNS resolver (unbound - with pfblocker)

    Need to use non ISP provided DNS servers

    using OPENVPN interface  for most of the time so everything is thru that connection. (tried using openvpn client override with no luck)

    Worked fine when set in the DNS forwarder bit BUT when using resolver I cant find where to put theDNS server addresses to force the use of these servers .

    obviously missing something here so ant suggestions would be greatly appreciated

  • LAYER 8 Global Moderator

    "when using resolver I cant find where to put theDNS server addresses to force the use of these servers ."

    So you just not understanding what a resolver is then??  Why would you be setting dns with a resolver to use specific servers?  Resolver does that it resolves, it doesn't forward.  So it walks its way down from roots to the authoritative server for the domain your looking for..

    Are you wanting to use unbound in forwarder mode?

  • You're quite right my understanding of it is very poor and just fumbling around attempting to understand how it all functions BUT with a little help the result is way better than whats available in the consumer market!

    Looks like if I enable forwarding mode on the resolver my DNS is restored -Thanks!

  • LAYER 8 Global Moderator

    And forwarder mode to be honest in unbound is kind of pointless.. If your not going to use use unbound as resolver might as well just use the forwarder.  It allows you to forward to all the ns you have set at the same time and use the one that answers fastest for example.

    Unbound doesn't do that.

    Why can you not just use resolver mode - this gives you full dnssec support and you know your getting what your asking for from the horses mouth.. Not just some nameserver you asked hey whats in your cache for www.something.com

  • This is prob due to my lack of understanding BUT was under the impression that in order to use DNSBL in pfblocker the forwarder must be used which was the beginning of the problem. This was why I was using using Unbound. (all I required is a adblock plus result at a network level)

  • LAYER 8 Global Moderator

    no for dnsbl to work, you have to use unbound but you sure and the hell do not need to put it in forwarder mode.

  • Im confused….

    But without having it in forwarder mode how do I enforce my DNS servers

    So my question is how can I set all DNS requests to go to the DNS servers I have set in the General setting whilst using DNSBL?

  • LAYER 8 Global Moderator

    Why can you not just let unbound resolve how its suppose to?  Why do you give a shit that dns has to come from some chaching server??

    But if have your heart set on just asking ns abc for everything, then yes use unbound in forwarder mode..

    "Need to use non ISP provided DNS servers "

    You have to use these WHY???

  • well…... anonymity:  where I live the Government insists on keeping a record of everything done online so using the ISP DNS server will have every request logged  (not that the like NSA dont have a direct link to pretty much everything) And google is not much better.

    But some kinda separation is comforting as is an anonymous VPN  - So really anything that will make data collection harder an more costly has to be good!

    Actually not concerned over cashing - just thought DNSBL was an useful addition to blocking stuff- maybe Ive missed something?

    Thanks for your help!

Log in to reply