Re: [knot-resolver-users] Configuring kresd to query multiple nameservers and return the first affirmative response?

On 01/12/2019 05.31, Bernd Wechner wrote: Hi. Knot Resolver itself doesn't configure forwarding or any resolvers to forward to. If you want to configure forwarding, you have to provide Knot Resolver with IP address for the policy.FORWARD() or policy.TLS_FORWARD() function in kresd.conf. See policy module documentation for details [1]. Are you asking how does Turris configure Knot Resolver with the ISP's DNS resolver as a forwarder? That, I don't know, but a proper place to ask would probably be the Turris forum [2] or support. No. Do you need to use the VPN's DNS resolvers? If so, why? Are there some zones that can be resolved only on their DNS resolver? Are you concerned about "DNS leak" when using VPN? If you don't actually need to use the VPN's DNS resolvers, your problems could be solved by configuring your VPN software not to change your default local resolver (in /etc/resolv.conf). In that case, you'll use the Turris Omnia's resolver (configured by DHCP) which is able to resolve you local .lan addresses. [1] - https://knot-resolver.readthedocs.io/en/stable/modules.html#query-policies [2] - https://forum.turris.cz/ -- Tomas Krizek PGP: 4A8B A48C 2AED 933B D495 C509 A1FB A5F7 EF8C 4869