Simon Walter wrote:
> On 10/30/20 3:19 AM, Bernard Rosset via Dng wrote:
>>> That said, I've stopped using unbound and I'm using straight BIND as my
>>> local resolver lately. It's pleasant.
>>
>>  From what we discovered about unbound during one of the meetings, I
>> clearly do not trust that technology.
>
> What meetings? Is it possible to divulge some more info WRT what you
> discovered? I am curious.


curious here too, unbound has always been considered somewhat secure.
there's also an recent independent security audit (link from unbound
site), so this would be interesting to know, please share.. :)

using bind mainly as authoritative in servers, although it seems really
heavy and tbh don't like the fact that bind's almost a monopoly...
also heard nice things about knot - will probably give it a try sometime
soon...

anyway, using almost exclusively unbound in pcs, as local caching dns..
seems to me lighter/easier to configure than dnsmasq.
and iirc, most linux distros have moved to unbound as well..

2c.
d.