default local DNS caching name server

Paul Wouters paul at nohats.ca
Mon Apr 14 16:00:45 UTC 2014


On Mon, 14 Apr 2014, Dan Williams wrote:

> But another scenario I've seen:  older Netgear routers which intercept
> "www.routerlogin.net" as the setup page.  The instructions literally
> are:
>
> 1) connect your computer to the router with a cable
> 2) go to www.routerlogin.net
> 3) follow the setup guide instructions
>
> Any idea how dnssec-trigger + unbound would handle this?  Since it's
> router setup, maybe spawning the whole new window for the "portal" would
> work, but you'd want to make sure the window didn't go away or DNS
> didn't change until the user was done setting up the router.

I don't know what they do when you query for anything else. If there is
no hotspot redirection on port 80/443 and their DNS server works
properly, and your wifi was secure, you would then get their forward
and the above would work. If it is an open wifi, we would not install
the forward and you would not get there. But in the current setup, you
can pick "hotspot login" mode and it puts their DNS in place, and then
you will reach it. Note that manual hotspot login sessions require you
to manually mark them for "reprobe" as well because apparently we cannot
probe for it because you manually overrode it. If you switch networks,
and bring up the VPN, you'll encounter weird things. While still in
hotspot mode, the VPN forward put into unbound is not active because you
are not using unbound yet (until you hit reprobe to leave "hotspot
signon" mode).

Paul

