Web lists-archives.com

Re: what are you using instead of bind9?




Hi,

On Tue, Feb 12, 2019 at 06:40:01PM -0500, Lee wrote:
> What are people using these days to
> 1. have dnssec enabled lookups
> 2. filter external dns answers

I use Unbound for resolvers.

I understand that Unbound can do some RPZ-like things with its
local-data and local-zone directives, but I've never played with RPZ so
don't know if it can cover your use case.

PowerDNS Recursor is another popular recursor. I have never used it,
only the Auth server version, but I've found that to be high quality
software so I'd certainly be willing to look at their Recursor product
if I wasn't happy with Unbound. It seems to have RPZ support:

    https://doc.powerdns.com/recursor/lua-config/rpz.html

Cheers,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting