Giter Club home page Giter Club logo

docker-unbound's Introduction

Minimal recursive resolver

Minimal unbound installation based on Alpine Linux at 6mb.

  • Support for DNSSEC
  • Absolute minimal config

run

Example for a normal running config.

docker run --name unbound -d -p 53:53/udp -p 53:53 cdrocker/unbound

Test resolving and DNSSEC

# dig pir.org +dnssec +multi @{{dockerhost}}

docker-unbound's People

Contributors

githubcdr avatar renovate-bot avatar renovate[bot] avatar telnetdoogie avatar

Stargazers

avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

uysalnet ssolifd kinggkl telnetdoogie

docker-unbound's Issues

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

This repository currently has no open or pending branches.

Detected dependencies

dockerfile
Dockerfile
  • alpine 20240329
github-actions
.github/workflows/docker.yml
  • docker/metadata-action v5
  • docker/setup-qemu-action v3
  • docker/setup-buildx-action v3
  • docker/login-action v3
  • docker/build-push-action v5
  • Check this box to trigger a request for Renovate to run again on this repository

trust anchor invalid?

Just spun up a container tonight with cdrocker/unbound:latest and all lookups fail with SERVFAIL.
Switching the verbosity to level 3 shows, for example:

unbound_alpine    | [1661072074] unbound[10:0] info: query response was ANSWER
unbound_alpine    | [1661072074] unbound[10:0] info: finishing processing for . DNSKEY IN
unbound_alpine    | [1661072074] unbound[10:0] debug: validator[module 0] operate: extstate:module_wait_module event:module_event_moddone
unbound_alpine    | [1661072074] unbound[10:0] info: validator operate: query . DNSKEY IN
unbound_alpine    | [1661072074] unbound[10:0] debug: Failed to match any usable anchor to a DNSKEY.
unbound_alpine    | [1661072074] unbound[10:0] info: validate keys with anchor(DS): sec_status_bogus
unbound_alpine    | [1661072074] unbound[10:0] info: failed to prime trust anchor -- DNSKEY rrset is not secure . DNSKEY IN
unbound_alpine    | [1661072074] unbound[10:0] debug: validator[module 0] operate: extstate:module_wait_subquery event:module_event_pass
unbound_alpine    | [1661072074] unbound[10:0] info: validator operate: query calendar.google.com. A IN
unbound_alpine    | [1661072074] unbound[10:0] info: Could not establish a chain of trust to keys for . DNSKEY IN
unbound_alpine    | [1661072074] unbound[10:0] debug: cache memory msg=68251 rrset=90935 infra=12299 val=68008
unbound_alpine    | [1661072074] unbound[10:0] debug: iterator[module 1] operate: extstate:module_wait_reply event:module_event_reply
unbound_alpine    | [1661072074] unbound[10:0] info: iterator operate: query _ta-4a5c. NULL IN
unbound_alpine    | [1661072074] unbound[10:0] info: response for _ta-4a5c. NULL IN
unbound_alpine    | [1661072074] unbound[10:0] info: reply from <.> 192.36.148.17#53
unbound_alpine    | [1661072074] unbound[10:0] info: query response was NXDOMAIN ANSWER
unbound_alpine    | [1661072074] unbound[10:0] info: finishing processing for _ta-4a5c. NULL IN
unbound_alpine    | [1661072074] unbound[10:0] debug: validator[module 0] operate: extstate:module_wait_module event:module_event_moddone
unbound_alpine    | [1661072074] unbound[10:0] info: validator operate: query _ta-4a5c. NULL IN
unbound_alpine    | [1661072074] unbound[10:0] debug: cache memory msg=68251 rrset=90935 infra=12299 val=68008

...but commenting out the trust-anchor: line from the unbound.conf file returns results again.

Obviously the trust-anchor and associated key is there for a reason, so I don't want to just leave it commented, but perhaps you have some hints on what I'm doing wrong?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.