Bug 238893

Summary: dns/unbound: Add profile support to rc script
Product: Ports & Packages Reporter: C <cm>
Component: Individual Port(s)Assignee: Kubilay Kocak <koobs>
Status: Closed FIXED    
Severity: Affects Some People CC: jaap
Priority: --- Keywords: feature
Version: LatestFlags: bugzilla: maintainer-feedback? (jaap)
Hardware: Any   
OS: Any   
Bug Depends on: 240163    
Bug Blocks:    
Attachments:
Description Flags
Patch to test out none

Description C 2019-06-30 09:35:28 UTC
There are multiple use-cases that requires running multiple unbound instances.

examples:
- if you want to have an instance with DNS64 enabled but also need an instance without DNS64

- if you want to have different ACLs per interface

- if you need to run unbound in two distinct routing contexts (setfib)

There are multiple examples of ports having multi-instance support:

- https://lists.freebsd.org/pipermail/freebsd-hackers/2013-June/043013.html
- security/tor https://svnweb.freebsd.org/ports/head/security/tor/files/tor.in?revision=463489&view=markup

It were great if the unbound port rc.d script gets native support for multiple instances.

Each intances should have its own config file and optionally support distinct user and distinct fib.
Comment 1 Jaap Akkerhuis 2019-07-01 13:46:09 UTC
Someone else asked me (privately) about this some time ago. He/She promised me to propose a patch but that never happened, so I guess it is time to roll my own. I'm rather busy on the moment but I'll see what I can in the coming days.

Since dns/nsd has a similar startup structure as unbound, I will base it on the nsd rc script.

        jaap
Comment 2 Jaap Akkerhuis 2019-08-12 10:24:40 UTC
Created attachment 206472 [details]
Patch to test out

I whipped up this version. Do test it and report results. Thanks!
Comment 3 Jaap Akkerhuis 2019-09-03 08:10:34 UTC
This got added to release 1.9.3 of unbound (See PR #240163) so I we can close this one