From owner-freebsd-net@freebsd.org Mon Aug 21 11:17:05 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A02FBDD3440 for ; Mon, 21 Aug 2017 11:17:05 +0000 (UTC) (envelope-from kiersb@xs4all.net) Received: from lb1-smtp-cloud9.xs4all.net (lb1-smtp-cloud9.xs4all.net [194.109.24.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.xs4all.net", Issuer "RapidSSL SHA256 CA - G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4539B6AE49 for ; Mon, 21 Aug 2017 11:17:04 +0000 (UTC) (envelope-from kiersb@xs4all.net) Received: from peyote.xs4all.nl ([IPv6:2001:888:4:42::21]) by smtp-cloud9.xs4all.net with ESMTPSA id jkhadJK2EdRLjjkhadjJN8; Mon, 21 Aug 2017 13:17:02 +0200 Subject: Re: resolv.conf and a non-standard port To: Victor Sudakov Cc: freebsd-net@freebsd.org References: <20170821102354.GA44676@admin.sibptus.transneft.ru> <5e2bb578-a9c7-93fa-f144-d0a4302cb28c@xs4all.net> <20170821110400.GA45463@admin.sibptus.transneft.ru> From: Bert Kiers Organization: XS4ALL Message-ID: <569ac975-0f5c-131a-a236-67cff377ef6c@xs4all.net> Date: Mon, 21 Aug 2017 13:17:02 +0200 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: <20170821110400.GA45463@admin.sibptus.transneft.ru> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-CMAE-Envelope: MS4wfP++Xhpl8IcYNTZaI2n75znv5Bs7ffhWg9TKpjteW9LmJvHgXA9HgLb1CQWizXNI0ml6fF6aKbM+uBiySm6+5jyHvsVrm9XjNzWF5/wDOTThfj0Kfq1L rUDDyYyiOUFDt1Eysf6B/IajiU0t8hETY1jP9pnhtetvJuLduyt64E2ci6xhcy/sa6mM043PgGnLtYEEMfVp3LeBvP5b3916zVwm6hb83de7eb8rovKPWtwv 3nxvQeKUkBJN76pmyZz44g== X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Aug 2017 11:17:05 -0000 On 21/08/2017 13:04, Victor Sudakov wrote: > Bert Kiers wrote: >> >>> How can I configure the resolver to use a DNS server with a >>> non-standard port? >>> >>> I have a host running an authoritative-only server (nsd) for the >>> world, and I want to run local unbound for the host itself (can't use >>> nsd for recursive queries). >>> >>> Unbound can listen on a non-standard port, but how do I configure the >>> host to use the DNS server at 127.0.0.1:5353 ? >> >> I think it will be more simple to have nsd and unbound listen on >> different IP-adresses, like unbound on 127.0.0.1 and nsd on the external >> IP-address. Then put 127.0.0.1 in resolv.conf > > That's how I have configured it now, but this solution has a major > drawback: you need to specify the IP address explicitely in > /var/unbound/unbound.conf which can be inconvenient in some > situations. > > So it's a workaround, but by no means "more simple." What happens when you let unbound listen on 127.0.0.1 and nsd on * (a.k.a. 0.0.0.0)? That may work because 127.0.0.1 is more specific. Maybe the startup order of the daemons is important then. -- Bert Kiers, suspected terrorist Love MS-Windows? Must be Stockholm syndrome.