> On 17 Oct 2016, at 13:37, Jesse V <kernelc...@torproject.org> wrote:
> On 10/16/2016 04:54 PM, Petrusko wrote:
>> Thx for this share.
>> But I'm not sure how Unbound is "speaking" with the roots DNS servers...
>> Somewhere I've read that DNS queries can be forwarded by a "man in the
>> middle", and the server operator can't be sure about this :s
>> An ISP is able to do it with your "private server" hosted behind your
>> ISP's router...
>> I see DNSsec to crypt DNS queries from a client to a server, but for
>> sure it's not possible to use it with roots DNS servers...
> My VPS host uses for DNS by default. I think it's configured in
> their DHCP settings or something because will end up in
> /etc/resolv.conf every time the VPS restarts. Consequently, I have to
> keep an eye on /etc/resolv.conf to ensure that it always points to my
> Unbound instance. I take immediate action if this is not the case.

You might find ServerDNSResolvConfFile useful if you want to avoid using
the default system resolver file /etc/resolv.conf


Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
xmpp: teor at torproject dot org

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

tor-relays mailing list

Reply via email to