I am quite familiar with dnsmasq but have zero experience with Unbound DNS.
I had previously an OpenWrt KidSafe configuration which is based on using dnsmasq but I am curious about switching that over to Unbound.
multiple instances of Unbound DNS (one per wireless network)
Basically, one wireless network which is unrestricted. Then a second wireless network (KidSafe) which uses OpenDNS Family Shield for upstream DNS. On the KidSafe network, there will be cname or IP changes which enforce SafeSearch on Google, YouTube, Bing, etc.
However, the main part that I am stuck on is creating multiple instances of Unbound DNS. If someone can assist me with that part, please let me know. Thank you.
A single instance of
unbound can support "views" that provide different results to different clients.
You might not be able to set the upstream resolvers within a view. I have never looked into that. To start multiple instances of
unbound, you'll likely need to hand-craft the second config file and define a new
procd service (perhaps based on the existing one) for the second instance.
Thank you for this great reference info. This has got me moving in the right direction now with the 'views' method.
Making this feature UCI friendly and flexible has been a goal of mine, but I havent had the time to do it the right way. Unbound has interface ACL also that can 'Tag' like dnsmasq. This combo can create a DNS firewall between Guest and LAN (think cafe public WiFi) just as the actual routing firewall.