
Unwind: A privilege-separated DNS recursive nameserver for every laptop [pdf] - Jonhoo
https://www.openbsd.org/papers/bsdcan2019_unwind.pdf
======
ahazred8ta
[https://man.openbsd.org/unwind.8](https://man.openbsd.org/unwind.8) uses
libunbound; it detects whether local DHCP DNS is working, works correctly with
captive portals, and supports opportunistic or strict DNSSEC.

This was discussed in
[https://news.ycombinator.com/item?id=19738313](https://news.ycombinator.com/item?id=19738313)
in April

------
eikenberry
Is it basically just a stripped down version of Unbound or does it provide any
additional functionality?

~~~
eikenberry
The blog post gives some hints at what it does differently but makes odd
claims about unbound not working with captive portals, which I've never had
any problems with. But maybe I've just been on well behaved networks or
something. Look forward to this being done and ported.

~~~
marios
It depends how your unbound is configured. In my case, I have unbound running
on my laptop configured as a recursive resolver; i.e: it will not query the
DHCP provided DNS.

In networks with captive portals, the DHCP provided DNS will have a record for
a URL where the user has to enter credentials or at the very least agree to
the terms and conditions. Very often though, that URL only resolves locally,
so in my setup the captive portal setup doesn't work seamlessly.

------
equalunique
Mental note: Find the talk where these slides were presented.

~~~
notaplumber
BSDCan 2019, in Ottawa happening this week!

[https://www.bsdcan.org/2019/schedule/events/1055.en.html](https://www.bsdcan.org/2019/schedule/events/1055.en.html)

Recordings tends to show up YouTube.. later. This talk was also live-streamed
earlier today.

Video from previous years:
[https://www.youtube.com/channel/UCuQhwHMJ0yK2zlfyRr1XZ_Q/vid...](https://www.youtube.com/channel/UCuQhwHMJ0yK2zlfyRr1XZ_Q/videos)

I'm always surprised this conference isn't larger, it always has a wide
breadth of low-level technical C/systems talks, with a mix of Unix/networking
sysadmin content.

