There are multiple use cases that require running multiple unbound instances:
- if you want to have an instance with DNS64 enabled but also need an instance without DNS64
- if you want to have different ACLs per interface
- if you need to run unbound in two distinct routing contexts (setfib)
There are multiple examples of ports having multi-instance support:
- security/tor https://svnweb.freebsd.org/ports/head/security/tor/files/tor.in?revision=463489&view=markup
It would be great if the unbound port rc.d script got native support for multiple instances.
Each instance should have its own config file and optionally support a distinct user and a distinct fib.
Someone else asked me (privately) about this some time ago. He/She promised to propose a patch but that never happened, so I guess it is time to roll my own. I'm rather busy at the moment but I'll see what I can do in the coming days.
Since dns/nsd has a similar startup structure to unbound, I will base it on the nsd rc script.
Created attachment 206472
Patch to test out
I whipped up this version. Do test it and report results. Thanks!