> On 17 Oct 2016, at 13:37, Jesse V <kernelc...@torproject.org> wrote:
> 
> On 10/16/2016 04:54 PM, Petrusko wrote:
>> Thx for this share.
>> 
>> But I'm not sure how Unbound is "speaking" with the roots DNS servers...
>> Somewhere I've read that DNS queries can be forwarded by a "man in the
>> middle", and the server operator can't be sure about this :s
>> An ISP is able to do it with your "private server" hosted behind your
>> ISP's router...
>> 
>> I see DNSsec to crypt DNS queries from a client to a server, but for
>> sure it's not possible to use it with roots DNS servers...
> 
> My VPS host uses 8.8.8.8 for DNS by default. I think it's configured in
> their DHCP settings or something because 8.8.8.8 will end up in
> /etc/resolv.conf every time the VPS restarts. Consequently, I have to
> keep an eye on /etc/resolv.conf to ensure that it always points to my
> Unbound instance. I take immediate action if this is not the case.

You might find ServerDNSResolvConfFile useful if you want to avoid using
the default system resolver file /etc/resolv.conf

T

--
Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------------







Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Reply via email to