On Mon, Aug 6, 2018 at 7:57 AM, John Kennedy <warlock at phouka.net> wrote:> On Mon, Aug 06, 2018 at 03:06:00PM +0100, Pete French wrote: > > having enabled local_unbound in /etc/rc.d how do I remove that > > and go back to using just DHCP delivered nameservers ? I > > set it to 'NO' but yet the machine still seems to have traces of > > the config in other places and keeps trying to use them, for reasons I > > dont understand. > > > > Is there a quyick guide to clearing this off a system when you dont want > to use > > it anymore ? I get that it needs to be slightly complex to do what it > does, > > but its proving very hard to fix the broken DNS looksup! > > Hmm. First, make sure that it isn't running (service local_unbound stop, > etc). > Then look at your /etc/resolv.conf -- unbound tends to rewrite that on > initial > startup, taking some of it's settings and inserting itself into the middle > as a > caching DNS server. At the very least, you want something like this: > > nameserver 8.8.8.8 > > I think the default DHCP client stomps all over /etc/resolv.conf fairly > well, > but see what options are in there (for example, options for > domain-name-servers > and domain-name). The stock /etc/dhclient.conf is all comments. > > I have issues with the DNS results my ISP returns to me, but setting up a > cache > or using sites like 8.8.8.8 (google public DNS, if you don't mind feeding > the > beast) fixes that. >If you don't want to feed the beast, maybe 9.9.9.9 (Quad9). You can read about it at: https://arstechnica.com/information-technology/2017/11/new-quad9-dns-service-blocks-malicious-domains-for-everyone/ -- Kevin Oberman, Part time kid herder and retired Network Engineer E-mail: rkoberman at gmail.com PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683
On 07/08/2018 05:01, Kevin Oberman wrote:> On Mon, Aug 6, 2018 at 7:57 AM, John Kennedy <warlock at phouka.net> wrote: > >> On Mon, Aug 06, 2018 at 03:06:00PM +0100, Pete French wrote: >>> having enabled local_unbound in /etc/rc.d how do I remove that >>> and go back to using just DHCP delivered nameservers ? I >>> set it to 'NO' but yet the machine still seems to have traces of >>> the config in other places and keeps trying to use them, for reasons I >>> dont understand. >>> >>> Is there a quyick guide to clearing this off a system when you dont want >> to use >>> it anymore ? I get that it needs to be slightly complex to do what it >> does, >>> but its proving very hard to fix the broken DNS looksup! >> >> Hmm. First, make sure that it isn't running (service local_unbound stop, >> etc). >> Then look at your /etc/resolv.conf -- unbound tends to rewrite that on >> initial >> startup, taking some of it's settings and inserting itself into the middle >> as a >> caching DNS server. At the very least, you want something like this: >> >> nameserver 8.8.8.8 >> >> I think the default DHCP client stomps all over /etc/resolv.conf fairly >> well, >> but see what options are in there (for example, options for >> domain-name-servers >> and domain-name). The stock /etc/dhclient.conf is all comments. >> >> I have issues with the DNS results my ISP returns to me, but setting up a >> cache >> or using sites like 8.8.8.8 (google public DNS, if you don't mind feeding >> the >> beast) fixes that. >> > > If you don't want to feed the beast, maybe 9.9.9.9 (Quad9). You can read > about it at: > https://arstechnica.com/information-technology/2017/11/new-quad9-dns-service-blocks-malicious-domains-for-everyone/There is also 1.1.1.1 and 1.0.0.1 from cloudflare - claims to be fastest https://1.1.1.1 -- FreeBSD - the place to B...Software Developing Shane Ambler
> Hmm.? First, make sure that it isn't running (service local_unbound > stop, etc). > Then look at your /etc/resolv.conf -- unbound tends to rewrite that > on initial > startup, taking some of it's settings and inserting itself into the > middle as a > caching DNS server.? At the very least, you want something like this: > > ? ? ? ? nameserver 8.8.8.8 > > I think the default DHCP client stomps all over /etc/resolv.conf > fairly well,Thats my problem - it doesnt rewrite it :-( I ended up taking one of my machines with a working unboudn setup, rysncing the files to the non working ones, re-enabling unbound and lettign it get on with its life. Have given up on removing it! Thanks for the advice though, I will dig into it on more detail when I have a moment. cheers, -pete.