What's new

Unbound - Authoritative Recursive Caching DNS Server

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
I’m not certain qname minimization is active in forward mode
on lan test: QNAME Minimization - Run dig +short txt qnamemintest.internet.nl from the command-line (taken from this NLnet Labs presentation). If you are on Windows 10, run Resolve-DnsName -Type TXT -Name qnamemintest.internet.nl from the PowerShell. You should see this display: "HOORAY - QNAME minimisation is enabled on your resolver :)!" [https://www.privacytools.io/providers/dns/]

the forward server eventually, so you’ve still lost your privacy benefit by relying on a forwarder.
The QNAME function is almost a must for the most diverse DNS servers, including in DNSMASQ. I mean the countless advantages of unbound that go beyond recursion.
 
on lan test: QNAME Minimization - Run dig +short txt qnamemintest.internet.nl from the command-line (taken from this NLnet Labs presentation). If you are on Windows 10, run Resolve-DnsName -Type TXT -Name qnamemintest.internet.nl from the PowerShell. You should see this display: "HOORAY - QNAME minimisation is enabled on your resolver :)!" [https://www.privacytools.io/providers/dns/]


The QNAME function is almost a must for the most diverse DNS servers, including in DNSMASQ. I mean the countless advantages of unbound that go beyond recursion.
Yes, I read page 22 of the presentation and noted the bold text:
No QNAME minimisation when forwarding query

But since the presentation is almost 4 years old, I left room for doubt in the current version. :cool:
 
I understand. But it’s easy to check. Just add some fowader, a cloudflare. Take the test on the lan.
https://cmdns.dev.dns-oarc.net/
Interesting test site, thanks! I have tested with a forwarder to quad9 and qname minimization disabled in Unbound and the test still says I have qname minimization because Quad9 is already doing the qname minimization. I don't see unbound forwarding minimized qnames in the log with a forwarder enabled. But I do see it happening when the forwarder is removed.

Good tools for testing!
 
@rgnldo this worked great in PowerShell!

Hooray! :)

Code:
Resolve-DnsName -Type TXT -Name qnamemintest.internet.nl

Name                           Type   TTL   Section    NameHost
----                           ----   ---   -------    --------
qnamemintest.internet.nl       CNAME  9     Answer     a.b.qnamemin-test.internet.nl

Name      : a.b.qnamemin-test.internet.nl
QueryType : TXT
TTL       : 10
Section   : Answer
Strings   : {HOORAY - QNAME minimisation is enabled on your resolver :)!}
 
This is why I hate Powershell. A three-letter Linux command (dig) takes 15 characters (plus 5 characters long parameter names)...
 
The same goes for iptables in relation to pf (OpenBSD). I love pf firewall. :)
 
update initial post
due to the short time I have, I organized updating the initial post. :)
 
I post this in this thread as a teaser because I'm not even going to pretend that this is ready to compete with Unbound Manager. Plus I've never made a webpage in my life. But so far so good for a mock-up. Some options won't really be necessary, and others might need to be added, so consider this 10% baked. But I can change settings, hit Apply, and generate a new unbound.conf from it.

upload_2020-2-13_20-53-36.png
 
I post this in this thread as a teaser because I'm not even going to pretend that this is ready to compete with Unbound Manager. Plus I've never made a webpage in my life. But so far so good for a mock-up. Some options won't really be necessary, and others might need to be added, so consider this 10% baked. But I can change settings, hit Apply, and generate a new unbound.conf from it.

View attachment 21388
Consider me teased.
 
I post this in this thread as a teaser because I'm not even going to pretend that this is ready to compete with Unbound Manager. Plus I've never made a webpage in my life. But so far so good for a mock-up. Some options won't really be necessary, and others might need to be added, so consider this 10% baked. But I can change settings, hit Apply, and generate a new unbound.conf from it.

View attachment 21388
Impressive!
 
@dave14305 I'm very impressed! I can't imagine all the coding behind that image. :)

Are you collaborating with @Jack Yaz yet? For the Graphs, of course! :D
 
@dave14305 I'm very impressed! I can't imagine all the coding behind that image. :)

Are you collaborating with @Jack Yaz yet? For the Graphs, of course! :D
@RMerlin's wiki was very helpful with his templates for add-ons. I struggled with how to get non-textboxes to work with custom settings, but figured it out eventually (only took 1 glass of wine).

I will leave Jack to decide for himself if he wants to dig into the stats. It's out of my league for sure. Checkboxes and Radio buttons are now my thing. I was much better in school with HyperCard.
 
Working with Asus's "framework" for webui is complicated. Asus themselves aren't always consistent, doing things differently depending on which of their programmers wrote a specific page. So even if you rely on existing examples, it might not always be obvious.
 
I post this in this thread as a teaser because I'm not even going to pretend that this is ready to compete with Unbound Manager. Plus I've never made a webpage in my life. But so far so good for a mock-up. Some options won't really be necessary, and others might need to be added, so consider this 10% baked. But I can change settings, hit Apply, and generate a new unbound.conf from it.

View attachment 21388
10% baked....honestly this is FIRE:D:D:D:D
 
I post this in this thread as a teaser because I'm not even going to pretend that this is ready to compete with Unbound Manager. Plus I've never made a webpage in my life. But so far so good for a mock-up. Some options won't really be necessary, and others might need to be added, so consider this 10% baked. But I can change settings, hit Apply, and generate a new unbound.conf from it.

View attachment 21388


A thing of beauty!
 
Status
Not open for further replies.

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top