Actually, my previous reply was wrong, you'll need to use the config

server=/local.tld/<address of unbound server>

to make this work.



On 03/08/18 14:51, Simon Kelley wrote:
> As far as I can tell, the Pihole instructions for configuring Unbound
> specify that the local TLD should be configured as not DNSSEC signed.
> As far as dnsmasq is concerned, therefore, any answers in the local TLD
> cannot be proven as valid, since they're unsigned, and it cannot be
> proven that the local TLD is unsigned, since there's no trust path from
> the root that proves that.
> The BOGUS reply from dnsmasq is therefore quite correct.
> THe fix for this is to tell dnsmasq that the local TLD is NOT DNSSEC signed.
> something like
> server=/local.tld/#
> in the pihole dnsmasq config should do the trick.
> (Note that when researching this answer, I found a couple of corner-case
> bugs to do with this code, one of which is that the logging for that
> server line doesn't include the information that DNSSEC is disabled for
> t hat TLD. This shouldn't stop it working.
> Cheers,
> Simon.
> On 03/08/18 13:14, Walter | Exclusive-IT wrote:
>> Good day Sir,
>> Mark, from Pi-hole, advised me to ask you about a possible DNSMasq
>> bug/issue through this channel.
>> I would very much appreciate your thoughts on this issue:
>> Thank you in advance for your time,
>> -- 
>> *Met vriendelijke groet, kind regards,*
>> Walter van 't Hoff
>> Exclusive-IT logo    
>> *Exclusive-IT*
>> t: +31 (0)6 2264 8629
>> e: <>
>> w: <>
>> De informatie in dit e-mail bericht is vertrouwelijk en uitsluitend
>> bestemd voor de geadresseerde. Gebruik van deze informatie door anderen
>> dan de geadresseerde is niet toegestaan. Indien u dit bericht ten
>> onrechte ontvangt, wordt u verzocht de inhoud niet te gebruiken maar de
>> afzender direct te informeren door het bericht te retourneren en het
>> daarna te verwijderen. Openbaarmaking, vermenigvuldiging, verspreiding
>> en/of verstrekking van de in de e-mail ontvangen informatie aan derden
>> is niet toegestaan. Op alle diensten die wij verlenen zijn algemene
>> voorwaarden van toepassing die een beperking van onze aansprakelijkheid
>> bevatten. De algemene voorwaarden kunt u vinden en downloaden op
>> - The information in
>> this e-mail is confidential and intended solely for the addressee. Use
>> of this information by others than the addressee is not allowed. If you
>> are not the intended recipient of this e-mail, you are hereby requested
>> to not use the contents but notify the sender immediately by returning
>> this e-mail and subsequently delete the message. Disclosure, copying,
>> distribution of the information in this e-mail to third parties is
>> prohibited and may be unlawful. All services we provide are subject to
>> our general terms and conditions which include a restriction of our
>> liability. You can find and download the general terms and conditions
>> (Dutch) on

Dnsmasq-discuss mailing list

Reply via email to