Hi all,
I am trying to use Unbound’s SSL upstream. Cause I am new to Unbound here, I doubt I might configure them wrong. Both sides use unbound1.5.7
The configuration of Resolver:
server:
directory: “/etc/unbound”
username: root
make sure unbound can access entropy from inside the chroot.
e.g. on linux the use these commands (on BSD, devfs(8) is used):
mount --bind -n /dev/random /etc/unbound/dev/random
and mount --bind -n /dev/log /etc/unbound/dev/log
chroot: “/etc/unbound”
logfile: “/etc/unbound/unbound.log” #uncomment to use logfile.
pidfile: “/etc/unbound/unbound.pid”
verbosity: 1 # uncomment and increase to get more logging.
listen on all interfaces, answer queries from the local subnet.
interface: 0.0.0.0
interface: ::0
access-control: 10.0.0.0/8 allow
The configuration of Forwarder:
unbound.conf(5) config file for unbound(8).
server:
directory: “/etc/unbound”
username: root
make sure unbound can access entropy from inside the chroot.
e.g. on linux the use these commands (on BSD, devfs(8) is used):
mount --bind -n /dev/random /etc/unbound/dev/random
and mount --bind -n /dev/log /etc/unbound/dev/log
chroot: “/etc/unbound”
logfile: “/etc/unbound/unbound.log” #uncomment to use logfile.
pidfile: “/etc/unbound/unbound.pid”
verbosity: 1 # uncomment and increase to get more logging.
listen on all interfaces, answer queries from the local subnet.
interface: 0.0.0.0
interface: ::0
access-control: 10.0.0.0/8 allow
tcp-upstream: yes
ssl-upstream: yes
ssl-port: 853
forward-zone:
name: “.”
forward-addr: 10.4.1.2@853
server:
ssl-upstream: yes
tcp-upstream: yes
do-daemonize: no
logfile: “”
verbosity: 10
Any help is welcome. Thanks.