What's new

Unbound unbound_manager (Manager/Installer utility for unbound - Recursive DNS Server)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I only want these two mobile devices behind it, and I wanted something more capable than my router. My Xen server runs the Pi-Hole VM, and its i5 5200U can easily handle anything that I throw at it without putting any strain on my router's weaker CPU.
I do this too on a separate setup, the only downside is I have to disable/block IPV6 on those devices as the devices "get around" any manual dhcp option i try for suggesting what ipv6 to use for lan on those devices. On my stronger router, I run diversion.
 
Why is running unbound + diversion NOT recommended?
 
It does, but it changes unbound from a recursive resolver to just another forwarder like stubby.

EDIT: with this my 2,000th post, I am now part of the furniture. Please remember me as I was, not as a nice Chesterfield or an ottoman.
And if your promotion had been awarded on quality rather than quantity, you would have got it around 1999 posts ago.
 
Why is running unbound + diversion NOT recommended?
I've updated the Q&A post which adds a little technical clarification.

Ad Block may offer slightly better flexibility than diversion when defining the domains etc., but diversion has the (GUI) stats feature.

Crucially, performance wise, is one better than the other? - hard to say.
 
I'm a bit confused, does unbound use DoT out of the box or do you have to enable it in the firmware? Or is this a dumbass question? Or does a person need DoT when using unbound?
 
Last edited:
I'm a bit confused, does unbound use DoT out of the box or do you have to enable it in the firmware? Or is this a dumbass question?
Out-of-the-box, Unbound does not use any encrypted traffic as a recursive resolver. It can’t make recursive queries using encryption. You can reconfigure Unbound to become a forwarder (like dnsmasq and Stubby) and use DoT, but what’s the value of unbound then as just another forwarder? dnsmasq+Stubby already do that well enough.
 
Out-of-the-box, Unbound does not use any encrypted traffic as a recursive resolver. It can’t make recursive queries using encryption. You can reconfigure Unbound to become a forwarder (like dnsmasq and Stubby) and use DoT, but what’s the value of unbound then as just another forwarder? dnsmasq+Stubby already do that well enough.
Gotcha! Thanks once again @dave14305 :cool:
 
[✔] Enable local NTP server=YES ... ok, but which setting is best here: „Intercept NTP client requests„?

:)
 
FWIW....installed with CPU tweaks and has been solid since last evening.

Thanks @Martineau for a solid product and to all others that dev'd this.....now that I've come to understand some of the (not so finer) points of this, I like the approach.
 
Out-of-the-box, Unbound does not use any encrypted traffic as a recursive resolver. It can’t make recursive queries using encryption. You can reconfigure Unbound to become a forwarder (like dnsmasq and Stubby) and use DoT, but what’s the value of unbound then as just another forwarder? dnsmasq+Stubby already do that well enough.
I've shamelessly added this verbatim (well almost) to the Q&A post
as I don't think you'd mind assisting with cut'n'paste given you embarrassed me into creating/maintaining this thread! ;)
 
Last edited:
amtm 3.1.2 is now available

What's new
- Adds unbound Manager as supported script

I am pleased to add the first script from @Martineau to amtm: unbound_manager (Manager/Installer utility for unbound - Recursive DNS Server)
unbound Manager is a front end for @rgnldo 's Unbound - Authoritative Recursive Caching DNS Server

How to update amtm
Use u to update to this latest version.
Many thanks!

Like myself, I'm sure the community is grateful for your effort, particularly for those that need/choose to uninstall/reinstall on a 'regular' basis.
 
Last edited:
upload_2020-2-9_14-50-28.png

Can those of us running ntpmerlin be accounted for, please?

This nvram setting will always be no, so that ntpd from entware does not conflict with the built-in ntpd
 
View attachment 21264
Can those of us running ntpmerlin be accounted for, please?

This nvram setting will always be no, so that ntpd from entware does not conflict with the built-in ntpd
I habe the same dilemma for my local diversion test server. When set to Yes, it will not honour /jffs/configs/dnsmasq.conf.add which resolves to it.
 
Manual, or auto are ok.
It gives your router functioning dns server/s for getting any internal stuff done, should Unbound not be ready yet. At boot up say.

Thanks this was a little confusing, I ended up just not touching anything from the DOT setup prior to Unbound.

upload_2020-2-9_9-58-44.png
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top