Unbound root hints, and auto-trust anchor question



  • Where does unbound keep these files and how can I forcibly update them?



  • /var/unbound: cat unbound.conf | grep -i trust
    auto-trust-anchor-file: /var/unbound/root.key
    

    I had a huge issue today w/ armstrong cable, they blocked dnssec for about 40mins today (i have pfsense @ multiple locations). I could not even forward requests. I am back looking at, and remembering unbound dns.

    DNS Forwarder worked great.....does it even do DNSSEC?

    I was trying to figure out if they were blocking just root servers, or all dns sec when it seem to come back online.

    Does anyone know why pfsense does not use a root.hints file? It seems like I must make sure I update pfsense so my root servers are correct?


Log in to reply