[dns-operations] Best practices for Linux/UNIX stub resolver failover

Jonathan Stewart jonathan.stewart at gmail.com
Wed Apr 23 18:22:54 UTC 2014

Robert Edmonds <edmonds at mycre.ws> wrote:

> Chuck Anderson wrote:
> > 2. Use a local DNS daemon on every server with forwarders configured
> >    to the network's nameservers, and fix resolv.conf to
> I'll shamelessly admit that I do this on all my Debian systems, where
> "apt-get install unbound resolvconf" results in exactly that
> configuration.
Does this result in a DNSSEC-validating resolver, as well?

If so, then Chuck's problem is actually a solved one, and his request (as
mine would be) is that the Linux distributions make this default, so long
as the setting of one or more recursive resolvers was easy.

Of course, in an environment where DNS queries have not been restricted,
this setup should run standalone, resolving DNS queries from the root.

> --
> Robert Edmonds
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20140423/216caa18/attachment.html>

More information about the dns-operations mailing list