> On 17 Oct 2016, at 13:37, Jesse V <kernelcorn@xxxxxxxxxxxxxx> wrote: > > On 10/16/2016 04:54 PM, Petrusko wrote: >> Thx for this share. >> >> But I'm not sure how Unbound is "speaking" with the roots DNS servers... >> Somewhere I've read that DNS queries can be forwarded by a "man in the >> middle", and the server operator can't be sure about this :s >> An ISP is able to do it with your "private server" hosted behind your >> ISP's router... >> >> I see DNSsec to crypt DNS queries from a client to a server, but for >> sure it's not possible to use it with roots DNS servers... > > My VPS host uses 8.8.8.8 for DNS by default. I think it's configured in > their DHCP settings or something because 8.8.8.8 will end up in > /etc/resolv.conf every time the VPS restarts. Consequently, I have to > keep an eye on /etc/resolv.conf to ensure that it always points to my > Unbound instance. I take immediate action if this is not the case. You might find ServerDNSResolvConfFile useful if you want to avoid using the default system resolver file /etc/resolv.conf T -- Tim Wilson-Brown (teor) teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org ------------------------------------------------------------------------------
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays