Hi, Since I upgraded to OBSD 6.0 I have had some problems with Unbound and dnscrypt-proxy.
Normally I would troubleshoot by using "dig" to request directly to dnscrypt-proxy, but for some reason (I don't know) the "-p" option has been removed and it is impossible to use that now. Unbound seems unable to forward requests to dnscrypt-proxy which I have running on port 40 following the guide in the FAQ (http://www.openbsd.org/faq/pf/example1.html#dns). In my unbound.conf I have the following: forward-addr: 127.0.0.1@40 Then in my /etc/rc.conf.local I have: dnscrypt_proxy_flags=-l /var/log/dnscrypt-proxy -R fvz-rec-de-fra-01 -a 127.0.0.1:40 pkg_scripts="dnscrypt_proxy" When I do a "dig yahoo.com" I get the following: ;yahoo.com. IN A No IP. And a ping also returns: ping: unknown host: yahoo.com Of course I have tested other hosts as well, same result. I am getting no information in the logs. If I have unbound forward directly to an OpenNIC server all works well again so the trouble is between unbound and dnscrypt-proxy. This used to work flawlessly, but since the "-p" option has been removed from "dig" it's very difficult to debug dnscrypt-proxy without having PF doing redirects and what not. How to troubleshoot this problem better? Kind regards
