Is it not possible to run both a caching lookup server using Unbound (in FreeBSD 10) and an authoritative server using NSD (installed from ports) on the same box? BIND used to perform both functions as I remember, provided you configured it as such. Does NSD also do caching? We have a /27 so I could configure one or the other to listen on a different IP, but only if I really have to. I got: service local_unbound start Performing initial setup. Extracting forwarders from /etc/resolv.conf. /var/unbound/forward.conf created /var/unbound/unbound.conf created /etc/resolvconf.conf created original /etc/resolv.conf saved as /etc/resolv.conf.20140805.185119 Starting local_unbound. [1407279079] unbound[7957:0] error: bind: address already in use [1407279079] unbound[7957:0] fatal error: could not open ports /etc/rc.d/local_unbound: WARNING: failed to start local_unbound ------------------------------------------------------------------------- shot through the heart ooh baby do you know what that's worth and you're to blame ooh heaven is a place on earth darling you give love they say in heaven love comes first a bad name we'll make heaven a place on earth ORBITAL "Halcyon Live"
On Tue, Aug 05, 2014 at 09:12:37PM -0400, nsd at fongaboo.com wrote:> > Is it not possible to run both a caching lookup server using Unbound (in > FreeBSD 10) and an authoritative server using NSD (installed from ports) on > the same box? >It is possible, but not using the same address+port of course. One solution is to have NSD only listen on localhost while unbound listens on the external adress. You can then use stub-zone configuration in unbound to make it use the localhost adress for lookups in any zone you are serving from NSD. This is what i do for my home network, for a production setup I would rather keep authorative and caching DNS services fully separated.> BIND used to perform both functions as I remember, provided you configured > it as such. Does NSD also do caching?No, NSD is an authorative only server by design. Regards, Patrik Lundin
Hi -- On 2014-08-06 3:12, nsd at fongaboo.com wrote:> Is it not possible to run both a caching lookup server using Unbound > (in FreeBSD 10) and an authoritative server using NSD (installed from > ports) on the same box?I run both unbound and nsd in the very same jail. Nsd as authoritative nameserver listens at public-IPv4:53 natted to that jail's internal IPv4 *and* public-IPv6 directly bound to that specific jail. Unbound listens to some other local-IPv4:53 bound to that jail. resolv.conf will guide all local sevices running at host or in all other available jails to that local-IP:53 of the listening unbound server. Regards, Michael