On 03/11/2021 06:53, cho...@jtan.com wrote: > ... > > On the gripping hand, all it does is run fw_update and syspatch.
This. Unless there is something more. Anyway, I followed Stuart's advice of adding a second DNS server in resolv.conf apart from 127.0.0.1 which was my usual practice for caching servers. I see no harm on this. Thanks for comments on unbound/nsd. I'm familiar and using those in another setup but it adds complexity when you want your caching servers to also have live copies (+live updates) of internal authoritative zones. You setup the zones twice (nsd and unbound stub-zone), which is not that bad, but you also have caching/negative caching on unbound until TTL or flush to see the updates/changes, which is more disturbing. G
