[conspire] internal rerouting problem

Rick Moen rick at linuxmafia.com
Tue Jan 18 15:34:48 PST 2011


Quoting Ehud Kaldor (ehud.kaldor at gmail.com):

> by 'serve the entire network' i meant just that - listen externally and do
> resolution for other machines' queries, rather than doing only caching for
> the machine it runs on. as i found, unbound does that and as you say -
> dnsmasq does not.

But that's _not_ what I said.

Dnsmasq or Unbound are equally capable of accepting outbound DNS queries
from machines and getting answers for them.  The difference is that
Dnsmasq is, in that regard, just a forwarder:  It needs to refer all
such queries to a recursive server whose IP you've supplied to it.  By
contrast, Unbound _is_ a recursive server.  


Both Dnsmasq and Unbound depend on nameservers elsewhere:

o  Dnsmasq relies on a recursive server to which it forwards all queries,
   and that recursive server, in turn, relies on various authoritative
   servers elsewhere on the Internet.

o  Unbound relies on various authoritative servers elsewhere on the Internet.
   (It has the independent intelligence to query those, itself, rather
   than offloading all queries to an intermediary recursive server, 
   as Dnsmasq does.)

Please see my taxonomy and of *ix nameserver software, which explains
what each type is.
http://linuxmafia.com/faq/Network_Other/dns-servers.html





More information about the conspire mailing list