[dns-operations] Google Public DNS and round robin records

Jan-Piet Mens jpmens.dns at gmail.com
Mon Jul 23 09:11:48 UTC 2012

> "Dnssec-trigger reconfigures the local unbound DNS server."

DNSSEC-Trigger is bundled with Unbound.

What it does is to verify that DHCP-obtained forwarders do DNSSEC,
updating /etc/resolv.conf to point to the validating Unbound on
localhost if not. If neither works, DNSSEC-Trigger attempts to query an
open resolver over TCP ports 80 and 443, hoping to be able to do DNSSEC
that way.

Works pretty well.
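
The forwarder check described in the message above, sketched as an added example (not part of the original post and not DNSSEC-Trigger's own code): build a query with the EDNS0 DO bit set and test whether the reply still carries RRSIG records. The pass criterion and the sample replies are assumptions constructed for illustration.

```python
import struct

OPT, RRSIG, DNSKEY = 41, 46, 48

def encode_name(name):
    labels = [l for l in name.split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_probe(name=".", qtype=DNSKEY, txid=0x1234):
    """Query with an EDNS0 OPT record whose DO bit requests DNSSEC records."""
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 1)      # RD set, 1 question, 1 additional
    question = encode_name(name) + struct.pack("!HH", qtype, 1)
    opt = b"\x00" + struct.pack("!HHIH", OPT, 4096, 0x8000, 0)  # TTL field carries DO (0x8000)
    return header + question + opt

def skip_name(msg, off):
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:        # a compression pointer ends the name
            return off + 2
        off += 1 + n

def answer_types(msg):
    """Return (rcode, [RR types found in the answer section])."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4
    types = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        types.append(rtype)
        off += 10 + rdlen
    return flags & 0xF, types

def forwarder_does_dnssec(response):
    # Assumed criterion: NOERROR and signatures returned alongside the DNSKEY set.
    try:
        rcode, types = answer_types(response)
    except (struct.error, IndexError):   # truncated or garbled reply counts as a failure
        return False
    return rcode == 0 and DNSKEY in types and RRSIG in types

def sample_response(with_rrsig):
    """Constructed reply to '. DNSKEY'; rdata is dummy bytes, not real keys or signatures."""
    rr = lambda t, rd: b"\x00" + struct.pack("!HHIH", t, 1, 3600, len(rd)) + rd
    answers = [rr(DNSKEY, b"\x01\x01\x03\x08")] + ([rr(RRSIG, b"\x00\x30")] if with_rrsig else [])
    header = struct.pack("!6H", 0x1234, 0x8180, 1, len(answers), 0, 0)
    return header + b"\x00" + struct.pack("!HH", DNSKEY, 1) + b"".join(answers)
```

A forwarder that answers the DNSKEY query but strips the RRSIG fails this check, which is the case where a validator behind it could not work.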


