Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Correct config for multi-wan unbound

    Scheduled Pinned Locked Moved DHCP and DNS
    2 Posts 2 Posters 631 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J Offline
      Jtb
      last edited by

      Hi,

      I'm wondering what happens if pfsense has multi-wan but no forwarders are configured:

      From the documentation:

      Enable DNSSEC Support: Uses DNSSEC to validate DNS queries. Be aware that it is recommended to disable forwarding and allow Unbound to handle all DNS resolution via root servers, which is the default behavior.

      Enable Forwarding Mode: Controls whether Unbound will query root servers directly (unchecked, disabled) or if queries will be forwarded to the upstream DNS servers defined under System > General or those obtained by DHCP/PPPoE/etc (checked, enabled). Forwarding mode may be enabled if the upstream DNS servers are trusted and also provide DNSSEC support. Forwarding mode is necessary for Multi-WAN Configurations.

      And why is forwarding mode necessary for Multi-WAN?

      1 Reply Last reply Reply Quote 0
      • C Offline
        cmb
        last edited by

        It's not strictly necessary, but that's the easiest way to accommodate the routing from the host itself in multi-WAN scenarios.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.