Simon Walter wrote: > On 10/30/20 3:19 AM, Bernard Rosset via Dng wrote:
>>> That said, I've stopped using unbound and I'm using straight BIND as my
>>> local resolver lately. It's pleasant.
>>
>> From what we discovered about unbound during one of the meetings, I
>> clearly do not trust that technology.
>
> What meetings? Is it possible to divulge some more info WRT what you
> discovered? I am curious.
curious here too, unbound has always been considered somewhat secure.
there's also an recent independent security audit (link from unbound
site), so this would be interesting to know, please share.. :)
using bind mainly as authoritative in servers, although it seems really
heavy and tbh don't like the fact that bind's almost a monopoly...
also heard nice things about knot - will probably give it a try sometime
soon...
anyway, using almost exclusively unbound in pcs, as local caching dns..
seems to me lighter/easier to configure than dnsmasq.
and iirc, most linux distros have moved to unbound as well..