[dns-operations] Google Public DNS and round robin records
Jan-Piet Mens
jpmens.dns at gmail.com
Mon Jul 23 09:11:48 UTC 2012
> "Dnssec-trigger reconfigures the local unbound DNS server."
DNSSEC-Trigger is bundled with Unbound.
What it does it to verify that DHCP-obtained forwarders do DNSSEC,
updating /etc/resolv.conf to point to the validating Unbound on
localhost if not. If neither work, DNSSEC-Trigger attempts to query an
open resolver over TCP ports 80 and 443, hoping to be able to do DNSSEC
that way.
Works pretty well.
-JP
More information about the dns-operations
mailing list