On 2019-11-19, Dale C. <[email protected]> wrote: > I don't know how unbound will be aware of iked couple/decouple, so I > wonder how I'd specify "as appropriate" in this case short of a DNS > failover from the remote side using forward-zones in unbound.
It won't be aware unless you tell it. But if you're scripting you can use unbound-control's forward_remove/forward_add commands so could, for example, tell it to use your (known) server address. > I'll > take a look at unwind... unwind is more designed for doing things automatically (either recursing itself or picking up forwarders from DHCP), though you could set "forwarder" in the config file and reload it. Or if you're happy with an external provider you could set it to use e.g. 9.9.9.9 (which does support DoT) all the time.
