Unbound
wirehole
Unbound | wirehole | |
---|---|---|
40 | 83 | |
2,819 | 4,567 | |
2.9% | - | |
9.5 | 5.1 | |
9 days ago | 3 months ago | |
C | ||
BSD 3-clause "New" or "Revised" License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Unbound
-
Just one bad packet can bring down a vulnerable DNS server thanks to DNSSEC
dnsmasq and unbound are impacted to
https://github.com/NLnetLabs/unbound/releases/tag/release-1....
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/20...
As are any other DNSSEC validators that followed the specifications.
Bind9 has its problems but this is not its fault this time.
-
Encrypted Client Hello – the last puzzle piece to privacy
Are you familiar with https://pi-hole.net/ ?
In my house I want DNS resolution to be performed by my own DNS resolver (https://github.com/NLnetLabs/unbound), after I block ad domains.
DoH circumvents that.
-
F5 Forward Proxy DNS resolvers CNAME limit
So yep it's an unbound thing: https://github.com/NLnetLabs/unbound/issues/438 there was a PR to allow a user to change the depth of a chase. I doubt F5 would have that version of unbound in any current software but support may be able to check or look at a lab 17.1 to see what version it is--you could then manually edit the conf file but it wouldn't persist through upgrades..
-
DNS Resolver does not return correct responses for all queries
That's confirms in issue#362 I found.
-
What upstream dns resolvers do you use?
The last time I checked, Unbound does not support upstream DoH. You can configure it to reply to DoH requests from clients, but you can't use it to forward queries to another DoH provider like Cloudflare or Quad9. Has that changed? The pull request has been open for 3 years.
-
Can unbound operate in iterative mode?
And, while the documentation for unbound.conf doesn’t say a whole lot about the iterator module specifically as far as I can tell, the code says:
-
Running PiHole on a second server
Gravity-Sync won't do that. But searching around on GH, I found this : https://github.com/NLnetLabs/unbound/blob/master/contrib/unbound_cache.sh
- DNS Delegation - How to DNSSEC?
-
pfBlockerNG-devel v3.1.0_7 / v3.1.0_14
Version 1.15.0 Configure line: --with-libexpat=/usr/local --with-ssl=/usr --disable-dnscrypt --disable-dnstap --with-libnghttp2 --enable-ecdsa --disable-event-api --enable-gost --with-libevent --with-pythonmodule=yes --with-pyunbound=yes ac_cv_path_SWIG=/usr/local/bin/swig LDFLAGS=-L/usr/local/lib --disable-subnet --disable-tfo-client --disable-tfo-server --with-pthreads --prefix=/usr/local --localstatedir=/var --mandir=/usr/local/man --infodir=/usr/local/share/info/ --build=amd64-portbld-freebsd12.3 Linked libs: libevent 2.1.12-stable (it uses kqueue), OpenSSL 1.1.1n-freebsd 15 Mar 2022 Linked modules: dns64 python respip validator iterator BSD licensed, see LICENSE in source package for details. Report bugs to [email protected] or https://github.com/NLnetLabs/unbound/issues
-
Anyone know of some open-source or community based name-servers?
"Unbound" for example https://github.com/NLnetLabs/unbound
wirehole
-
PiVPN v4.6.0: The End
Shameless plug for an alternative?
> WireHole is a combination of WireGuard, Pi-hole, and Unbound in a docker-compose project with the intent of enabling users to quickly and easily create a personally managed full or split-tunnel WireGuard VPN with ad blocking capabilities thanks to Pi-hole, and DNS caching, additional privacy options, and upstream providers via Unbound.
https://github.com/IAmStoxe/wirehole
- Show HN: WireHole UI Now Embraces Full OSI License Compatibility
- Show HN: WireHole – UI Now Open Source Compatible
- WireHole's New UI Makes Managing WireGuard Clients Easy
- FLaNK Stack Weekly for 30 Oct 2023
- WireHole is a combination of WireGuard, Pi-hole, and Unbound
- Show HN: WireHole New UI Makes Managing WireGuard Clients Easy
-
Routing some containers through VPN
I have been running a home server for a little over a year now mostly for Plex and backups. I set up a Wireguard instance with unbound and pi-hole called Wirehole to remote to my services and keeping things secure on my phone and laptop at times.
- GuardLlama - The Ultimate Open-Source VPN, Ad-blocker and DNS resolver
-
Block all ads on your Google Pixel
https://github.com/IAmStoxe/wirehole is all you need
What are some alternatives?
Bind - Mirror of https://gitlab.isc.org/isc-projects/bind9, please submit issues and PR/MRs in the GitLab. Any issues and PRs opened here will be closed without a comment.
AdGuard-WireGuard-Unbound-Cloudflare - The ultimate self-hosted network security guide ─ Protection | Privacy | Performance for your network 24/7 Accessible anywhere [Moved to: https://github.com/trinib/AdGuard-WireGuard-Unbound-DNScrypt]
PowerDNS - PowerDNS Authoritative, PowerDNS Recursor, dnsdist
docker-pihole-unbound - Run Pi-Hole + Unbound on Docker
Knot Resolver - Knot Resolver - resolve DNS names like it's 2024
mistborn
Knot DNS - A mirrored repository
firezone - Open-source VPN server and egress firewall for Linux built on WireGuard. Firezone is easy to set up (all dependencies are bundled thanks to Chef Omnibus), secure, performant, and self hostable.
dnsmasq - mirror of dnsmasq (git://thekelleys.org.uk/dnsmasq.git ). This account is NOT maintained by dnsmasq developers. I am happy to give account to them. Please feel free to contact me. 1584171677[at]qq[dot]com
raspberrypiwireguard - Install and configure WireGuard on Raspberry Pi (and others)
nextdns - NextDNS CLI client (DoH Proxy)
cloudblock - Cloudblock deploys secure ad-blocking and VPN for all devices. Text and video guides included! 6 supported cloud providers, plus Ubuntu and Raspberry Pi. Cloudblock deploys Wireguard VPN, Pi-Hole DNS Ad-blocking, and DNS over HTTPS in a cloud provider - or locally - using Terraform and Ansible.