|
OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
Unbound and states
I'm running Unbound with the following configuration file:
Code:
# unbound.conf ~ DNS resolver configuration file server: interface: 10.0.20.15 interface: 127.0.0.1 do-ip6: no access-control: 0.0.0.0/0 refuse access-control: 127.0.0.0/8 allow access-control: 10.0.5.0/24 allow access-control: 10.0.10.0/24 allow access-control: 10.0.20.0/24 allow access-control: ::0/0 refuse hide-identity: yes hide-version: yes # Enable DNSSEC validation. auto-trust-anchor-file: "/var/unbound/db/root.key" # Use root DNS servers root-hints: "/var/unbound/etc/root.hints" I'm thinking that Unbound is querying the root DNS servers, but 300+ states? |
|
|||
I set that to "true" but it did not work. In fact, the next avalanche of states was over 1,000. The states expire in a couple of minutes.
It has to be the root DNS servers branching out to other DNS servers for name resolution. |
|
|||
You can turn up unbound's logging to see all the domains it is resolving.
Or you can can watch the interface with tcpdump which also shows you the domain being requested. Tim. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Unbound Database | daemonbak | OpenBSD General | 2 | 21st July 2015 03:28 AM |
Unbound Troubleshoot | Peter_APIIT | OpenBSD General | 13 | 26th June 2015 02:00 AM |
directing DNS queries to local unbound? | 22decembre | OpenBSD Security | 16 | 28th December 2014 04:52 AM |
DNSCrypt and local Unbound resolver | Oko | OpenBSD Security | 1 | 28th December 2014 12:54 AM |
flush states pfctl | joostvgh | OpenBSD Security | 3 | 27th January 2010 06:50 PM |