Am 22.09.2015 um 19:02 schrieb Mike Brown via Unbound-users:
* by default, queries go to my ISP's resolvers (Comcast: 75.75.75.75 &
75.75.76.76)
why would you do that?
I expect Comcast not to block other DNS queries? Assuming that I would suggest
to run unbound simply in default configuration -> resolving direct via root
nameservers.
No default forwarding -> no need to configure exceptions for DNSBL zones.
Also I'm not aware any unbound configuration is modified in any way by a DHCP
client.
I use to ignore any resolver announced by a DHCP server:
$ stat --printf "%a\n" /etc/dhcp/dhclient-enter-hooks.d/do_not_touch_resolv_conf
755
$ cat /etc/dhcp/dhclient-enter-hooks.d/do_not_touch_resolv_conf
#!/bin/sh
make_resolv_conf() {
logger -p daemon.info -t /etc/dhcp/dhclient-enter-hooks.d/do_not_touch_resolv_conf
"ignore DHCP suggestion 'nameserver $new_domain_name_servers'"
:
}
