diff options
| author | Eric Luehrsen <ericluehrsen@gmail.com> | 2020-06-13 15:06:20 -0400 |
|---|---|---|
| committer | Eric Luehrsen <ericluehrsen@gmail.com> | 2020-06-13 15:13:45 -0400 |
| commit | af73a9b9a476087e16b591a8ba5d42ca57b1543d (patch) | |
| tree | 42131c50cf42ebedf17d1fbb89dbfe7be5c6988a /net/unbound/files | |
| parent | 435e5077f817bd0d506282007c545c67a0586570 (diff) | |
unbound: make option interface_auto default on
Unbound has a quirk and may reply on a different device address.
When Unbound answers with from-address different than it
received queries on, it may cause trouble for select VPN and
firewall configurations. Ensure Unbound replies with the same
address by changing this default.
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
Diffstat (limited to 'net/unbound/files')
| -rw-r--r-- | net/unbound/files/README.md | 2 | ||||
| -rw-r--r-- | net/unbound/files/unbound.sh | 4 | ||||
| -rw-r--r-- | net/unbound/files/unbound.uci | 2 |
3 files changed, 4 insertions, 4 deletions
diff --git a/net/unbound/files/README.md b/net/unbound/files/README.md index 52378d5c5..ec06de5a0 100644 --- a/net/unbound/files/README.md +++ b/net/unbound/files/README.md @@ -261,7 +261,7 @@ config unbound Boolean. If enabled version.server, version.bind, id.server, and hostname.bind queries are refused. - option interface_auto '0' + option interface_auto '1' Boolean. If enabled DNS replies will have the same source address as the request was sent to. diff --git a/net/unbound/files/unbound.sh b/net/unbound/files/unbound.sh index 5cc959b7f..a57d81d4e 100644 --- a/net/unbound/files/unbound.sh +++ b/net/unbound/files/unbound.sh @@ -36,7 +36,7 @@ UB_B_NTP_BOOT=1 UB_B_QUERY_MIN=0 UB_B_QRY_MINST=0 UB_B_AUTH_ROOT=0 -UB_B_IF_AUTO=0 +UB_B_IF_AUTO=1 UB_D_CONTROL=0 UB_D_DOMAIN_TYPE=static @@ -1214,7 +1214,7 @@ unbound_uci() { config_get_bool UB_B_LOCL_BLCK "$cfg" rebind_localhost 0 config_get_bool UB_B_DNSSEC "$cfg" validator 0 config_get_bool UB_B_NTP_BOOT "$cfg" validator_ntp 1 - config_get_bool UB_B_IF_AUTO "$cfg" interface_auto 0 + config_get_bool UB_B_IF_AUTO "$cfg" interface_auto 1 config_get UB_IP_DNS64 "$cfg" dns64_prefix "64:ff9b::/96" diff --git a/net/unbound/files/unbound.uci b/net/unbound/files/unbound.uci index b75381f96..12809b95d 100644 --- a/net/unbound/files/unbound.uci +++ b/net/unbound/files/unbound.uci @@ -11,6 +11,7 @@ config unbound option edns_size '1280' option extended_stats '0' option hide_binddata '1' + option interface_auto '1' option listen_port '53' option localservice '1' option manual_conf '0' @@ -28,7 +29,6 @@ config unbound option validator '0' option validator_ntp '1' option verbosity '1' - option interface_auto '0' list trigger_interface 'lan' list trigger_interface 'wan' #list domain_insecure 'ntp.example.com' |