lol. I like the intro shows you're a hip cat! Unbound is great I use it at home with pfsense. The way pfsense has it integrated is just so dead simple and makes everything so easy, I love it. Also running Unbound you don't have to to hammer your ISP till they black hole you. With pfsense you can automatically register dhcp leases into dns, and automatically set nameservers over dhcp. Also you can do host based as well as domain based overrides, for instance for devices with static ips, or to avoid needing to proxy or loop back somehow to access locally services run on the WAN, or to segment entire domains over to another nameserver.
I am trying it out not on hardware running a limited number of systems through it for now, if it goes ok will switch them all over, an thanks for the kind words
Great Channel, nice video. Your background knowledgement is amazing, I realy liked to know that the fact wich DNS is not encrypted was a worry in the past.
Hi Wolter, yes, here is a site with listings and information whether they reportedly log or not dnsprivacy.org/wiki/display/DP/DNS+Privacy+Test+Servers
Hi DJ, greetings from PL. This really helped me a lot. I know this was not the purpose of this movie, however, would it be possible that you guide us through unbound dnssec setting? I tried it several times, on my machine, but every time auto-trust-anchor-file: "path to root.key" line is enabled in .conf, unbound fails at the start. I don't know whether this is a permission issue or maybe the certificate updating process, I drilled down the YT and did not find the guide on unbound+ddnsec (only built-in pfsense).
I know this is 2 years old, but in case you're still looking for an answer or someone else is interested, my guess is that the problem is that the `unbound` user cannot access the root.key. You could try `sudo chown unbound:unbound /path/to/root.key` to make unbound the owner of the file, so it can access it. Also make sure that the directory containing root.key is accessible by user unbound.
34:20 $ sudo systemctl stop systemd-resolved ..."I wouldn't disable it because if unbound doesn't come up, you have no DNS." later... '...you need to disable it' Why can't I disable/enable systemd-resolved just as easily as start/stop?
Great video DJ! One thing I'd disagree with, you don't just have to trust the DNS forwarder. Some are legally bound to hold to their privacy agreement. Quad9 having a strict policy + Swiss law gives them no ability to collect user data without serious lawsuits.
A Domain in the world of the internet is a group of computers or even network equipment, so for instance www.google.com has a host name "www" the a period starts one of Google's domain names "google" then another period then comes the top level domain "com". Just a way to keep from having to memorize ip addresses
@@CyberGizmo yeah but your vid title says DOMAN. Doman is a value: Chaldean Numerology The numerical value of Doman in Chaldean Numerology is: 3 Pythagorean Numerology The numerical value of Doman in Pythagorean Numerology is: 2 Or are you doman-down DNS theory for us plain-folk?
Nice video, The tips about handing SSL hand shank error in the end enlighten me a lot. Thank you, DJ!
Welcome glad you enjoyed it!
Hello
Would you like to make a docker pihole with unbound with one or two containers for a full newbies?
Thanks
Great video as always, please keep making these and well done!
Thanks abobader, I am slowly moving servers over to using it so far so good
Your presentation skills are fantastic. The contents were top notch. It is a pleasure to view your video. thank you,
Thank you gans glad you enjoy the videos
Could you elaborate about VLAN security?
lol. I like the intro shows you're a hip cat! Unbound is great I use it at home with pfsense. The way pfsense has it integrated is just so dead simple and makes everything so easy, I love it. Also running Unbound you don't have to to hammer your ISP till they black hole you.
With pfsense you can automatically register dhcp leases into dns, and automatically set nameservers over dhcp. Also you can do host based as well as domain based overrides, for instance for devices with static ips, or to avoid needing to proxy or loop back somehow to access locally services run on the WAN, or to segment entire domains over to another nameserver.
I am trying it out not on hardware running a limited number of systems through it for now, if it goes ok will switch them all over, an thanks for the kind words
Great Channel, nice video. Your background knowledgement is amazing, I realy liked to know that the fact wich DNS is not encrypted was a worry in the past.
Great vid. Was thinking of making a pinhole. But you are pushing me to do diy.
Awesome Yuri, let us know how it turns out please
good vid DJ, I always learn something new from you :) - keep up the good work
Thanks Sam H appreciate that
How do I setup size of cache?
are there any other public dns servers other the known ones like cloudflare and others taking in to consideration privacy
Hi Wolter, yes, here is a site with listings and information whether they reportedly log or not dnsprivacy.org/wiki/display/DP/DNS+Privacy+Test+Servers
Hi DJ, greetings from PL. This really helped me a lot. I know this was not the purpose of this movie, however, would it be possible that you guide us through unbound dnssec setting? I tried it several times, on my machine, but every time auto-trust-anchor-file: "path to root.key" line is enabled in .conf, unbound fails at the start. I don't know whether this is a permission issue or maybe the certificate updating process, I drilled down the YT and did not find the guide on unbound+ddnsec (only built-in pfsense).
I know this is 2 years old, but in case you're still looking for an answer or someone else is interested, my guess is that the problem is that the `unbound` user cannot access the root.key. You could try `sudo chown unbound:unbound /path/to/root.key` to make unbound the owner of the file, so it can access it. Also make sure that the directory containing root.key is accessible by user unbound.
@@mouduge Thanks for advise. I already solved that issue, and you’re right, it’s been permission issue, as well as other tweaks in conf file.
34:20
$ sudo systemctl stop systemd-resolved
..."I wouldn't disable it because if unbound doesn't come up, you have no DNS."
later...
'...you need to disable it'
Why can't I disable/enable systemd-resolved just as easily as start/stop?
I dunno but there have been several times if I had a bazooka it would have stopped. :)
true that's how i did it, the right way would have been to edit the resolv.conf file and changed the DNS name to the ubound host, but I was in a hurry
Since your Unbound server already has the root hints information, couldn't you have it do its own recursive lookups instead of using forwarders?
Hi fairalbion, sure, I do not do that, because I have unpublished private hosts on my LAN that I want DNS services for.
@@CyberGizmo Understood, watched it back & got it. I've been running Unbound for a few months & love it. Good video & nice channel BTW.
Great video DJ! One thing I'd disagree with, you don't just have to trust the DNS forwarder. Some are legally bound to hold to their privacy agreement. Quad9 having a strict policy + Swiss law gives them no ability to collect user data without serious lawsuits.
May want to read their privacy and policy, and all the hyper links related to the privacy article on their website
Ooo, that's what I needed, especially for LFCS exam, Thank Dj ware you are the best, but I don't like your new intro music
Thanks Titi glad it was timely, might work on a different music track for the intro soon
whuzza Doman???
A Domain in the world of the internet is a group of computers or even network equipment, so for instance www.google.com has a host name "www" the a period starts one of Google's domain names "google" then another period then comes the top level domain "com". Just a way to keep from having to memorize ip addresses
@@CyberGizmo yeah but your vid title says DOMAN. Doman is a value:
Chaldean Numerology
The numerical value of Doman in Chaldean Numerology is: 3
Pythagorean Numerology
The numerical value of Doman in Pythagorean Numerology is: 2
Or are you doman-down DNS theory for us plain-folk?
@@willypeters5937 ahh fixed and thanks
@@CyberGizmo lol just yankin yer chain dude. call it...digital privilege...
2021: CNS