DNS Resolver Configuration Questions



  • Hi all,

    I have a two very quick questions regarding the configuration of the DNS Resolver (Unbound):

    For the setting, "Network Interfaces" by default "All" is checked.  However, is there any reason to select anything more than just the local subnet (LAN) interfaces?
    For the setting, "Outgoing Network Interfaces" by default "All" is also checked.  For this option, does only WAN need to be selected, or both WAN and all the local subnet (LAN) interfaces?

    Thanks in advance for the clarification, I really appreciate it.


  • LAYER 8 Global Moderator

    The only reason you would need to select more than wan for outgoing is if you have some downstream dns you need to talk to talk for say a domain override.  Or you have more than one wan that might be able to go outbound and talk to dns.

    No there is no reason to listen any anything other than your lan, or other local interfaces.

    All is just the default to make it more user proof.. ;)



  • I had written a follow up question and note but later deleted the post…resubmitting a new question based on some basic testing.

    • I see a interface for pfBlockerNG, specifically: "10.10.10.1 (pfB DNSBL - DO NOT EDIT)", I see this for both interface for both "Network Interfaces" and "Outgoing Network Interfaces". I am using pfBlockerNG/DNSBL(both to deny inbound and outbound). Should one select "10.10.10.1 (pfB DNSBL - DO NOT EDIT)" interface for both "Network Interfaces" and "Outgoing Network Interfaces"?

    • If you have a VPN provider (interface setup for VPN) and wish to have your DNS resolver use the VPN for its queries do you select this interface for "Outgoing Network Interfaces"?

    I tried testing different variations, checked my DNS leaks at dnsleaktest.com and found if I chose VPN provider and WAN I got leaks??? Left it at All for both "Network Interfaces" and "Outgoing Network Interfaces" until I understand this more.

    Any thoughts or feedback?

    Thanks


Log in to reply