From owner-freebsd-questions@freebsd.org  Wed Aug 19 07:27:54 2015
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1D4669BD42B
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Wed, 19 Aug 2015 07:27:54 +0000 (UTC)
 (envelope-from freebsd@qeng-ho.org)
Received: from bede.qeng-ho.org (bede.qeng-ho.org [217.155.128.241])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "fileserver.home.qeng-ho.org",
 Issuer "fileserver.home.qeng-ho.org" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id B630F17CF
 for <freebsd-questions@freebsd.org>; Wed, 19 Aug 2015 07:27:53 +0000 (UTC)
 (envelope-from freebsd@qeng-ho.org)
Received: from arthur.home.qeng-ho.org (arthur.home.qeng-ho.org [172.23.1.2])
 by bede.home.qeng-ho.org (8.15.2/8.15.2) with ESMTP id
 t7J7Rhfx063761; Wed, 19 Aug 2015 08:27:44 +0100 (BST)
 (envelope-from freebsd@qeng-ho.org)
Subject: Re: unbound setup questions
To: Antoine Kallab <antoine@kallab.com>, nightrecon@hotmail.com
References: <CAL2OafxjzF1ZR_qyP8V0=tD+qHdfb7rohiH02UrrO5+ceyf7rw@mail.gmail.com>
 <mr0gtu$gi$1@ger.gmane.org>
 <CAL2OafxzA9BkPR9Ud2NXO-_WJSaPcZHhqCMLBY3MOuEqn_E5yw@mail.gmail.com>
Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>
From: Arthur Chance <freebsd@qeng-ho.org>
Message-ID: <55D42FEF.6030508@qeng-ho.org>
Date: Wed, 19 Aug 2015 08:27:43 +0100
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101
 Thunderbird/38.1.0
MIME-Version: 1.0
In-Reply-To: <CAL2OafxzA9BkPR9Ud2NXO-_WJSaPcZHhqCMLBY3MOuEqn_E5yw@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Aug 2015 07:27:54 -0000

On 19/08/2015 07:49, Antoine Kallab wrote:
>> The unbound that ships with the OS is really only designed to be a resolver
>> for the local machine, at least as far as I know at this point in my meager
>> research. If you need services more like you may have been accustomed to
>> with Bind you may wish to take a look at the unbound in the ports tree:
>> /usr/ports/dns/unound.
>
> Thanks mike, installing unbound from ports did the trick. I had no
> idea that local_unbound and unbound were different, thanks for that.

I'm running the base unbound as a resolver for my entire net with no 
problems. The only difference I can spot between Antoine's config and 
mine is that I have domain-insecure directives for my internal domains.

-- 
Those who do not learn from computing history are doomed to
GOTO 1