OpenBSD DNS Server with unbound and nsd

Table of Contents

Introduction

The default installation of OpenBSD comes with both unbound(8) and nsd(8); unbound is a validating, recursive, and caching DNS resolver that provides DNSSEC validation, while nsd is an authoritative name server that holds DNS records. The combination of the two running locally, means that name server lookups (i.e., requests to resolve domain names into IP addresses and vice versa) can be handled locally without being sent upstream to your ISP or another public name server such as Google. This almost completely prevents snooping or tampering …

more ...