How to prevent resolvd from adding DNS servers from DHCP offer?


On my OpenBSD 7.1 router, I run unbound to resolve local domains to the local clients. I'd like the router itself to use the unbound daemon for lookups primarily as well, however resolvd adds the DHCP servers learned from the router's uplink, so that /etc/resolvd.conf looks like this:

    nameserver <local-DNS-IP> # resolvd: cnmac0
    nameserver 8.8.8.8 # resolvd: cnmac0
    # Generated by cnmac0 dhclient
    search local.home.example.com
    nameserver 127.0.0.1
    lookup file bind

It's the first 2 lines that I do not want in the file. Or at least need to move these nameserver entries below the localhost nameserver entry.

In my /etc/dhclient.conf I have the following section:

    interface "cnmac0" {
      supersede domain-name "local.home.example.com";

      # Note: used to be 'supersede' however it should not matter here.
      prepend domain-name-servers 127.0.0.1;
    }

When unwind is running, resolvd does not add the DNS servers from the DHCP offer, however I cannot use that because unbound is used - unwind would take preference.

What are my choices (besides blocking resolvd)?

VogonPoetLaureate On

Is there something that you need in unbound that you can't do in unwind?

A few options:

You can disable resolvd and then just set the nameserver entries you want in resolv.conf directly.

If you want to keep resolvd running, you can try using the newish and most OpenBSDish way of managing this with the dhcpleased approach by adding this dhcpleased.conf configuration:

/etc/dhcpleased.conf:

    interface cnmac0 {
        ignore dns
    }

As you mentioned, you could run unwind and set your preferred resolving nameserver and configs there.

If there's some extra functionality you need from unbound you could look at a 'drop-in' replacement built around unwind like unwinder.
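
A check for the ordering problem described in the question, as an added example that is not part of the original question or answer: it lists every nameserver line, marks the ones tagged `# resolvd: <interface>`, and fails when the first nameserver is not the local resolver. The function names, the sample files and the 192.0.2.53 placeholder standing in for `<local-DNS-IP>` are assumptions made for this example.

```sh
#!/bin/sh
# Added example: audit a resolv.conf read from stdin.
# Usage: audit_resolv [expected-local-resolver] < /etc/resolv.conf
# Prints "<position> <address> <source>" per nameserver line and returns 1
# when the first nameserver is not the expected local resolver.
audit_resolv() {
    awk -v want="${1:-127.0.0.1}" '
        $1 == "nameserver" {
            n++
            src = "static"
            # resolvd-managed lines end in a "# resolvd: <interface>" comment
            for (i = 3; i < NF; i++)
                if ($i == "#" && $(i + 1) == "resolvd:")
                    src = "resolvd:" $(i + 2)
            printf "%d %s %s\n", n, $2, src
            if (n == 1) first = $2
            if (src != "static") managed++
        }
        END {
            if (n == 0) { print "FAIL no nameserver lines"; exit 1 }
            if (first != want) {
                print "FAIL first nameserver is " first ", expected " want
                exit 1
            }
            printf "OK %s is first; %d resolvd-managed entries\n", want, managed
        }'
}

# Constructed sample: the file from the question, with the documentation
# address 192.0.2.53 standing in for <local-DNS-IP>.
sample_before() {
    printf '%s\n' \
        'nameserver 192.0.2.53 # resolvd: cnmac0' \
        'nameserver 8.8.8.8 # resolvd: cnmac0' \
        '# Generated by cnmac0 dhclient' \
        'search local.home.example.com' \
        'nameserver 127.0.0.1' \
        'lookup file bind'
}

# Constructed sample: the same file with no resolvd-managed entries.
sample_after() {
    printf '%s\n' 'search local.home.example.com' \
        'nameserver 127.0.0.1' 'lookup file bind'
}

# Demo on the constructed samples.
sample_before | audit_resolv 127.0.0.1 || echo "-> local resolver is not first"
sample_after | audit_resolv 127.0.0.1
```
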