Tim Bray via mailop <mailop@mailop.org> writes: > apt install unbound > > It comes configured fairly safely, listening only on localhost. > > and edit /etc/resolv.conf to say > > nameserver 127.0.0.1 > > And there isn't much else to it for single machine. Indeed it is > quite a good way to bring DNSSEC up to the local machine.
You should also add the line options edns0 to your /etc/resolv.conf for DNSSEC to work properly. (See e.g. https://www.dns-oarc.net/oarc/services/replysizetest for details.) -tih -- Most people who graduate with CS degrees don't understand the significance of Lisp. Lisp is the most important idea in computer science. --Alan Kay _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
