Unbound should be using QNAME minimisation.
How do I verify unbound is using QNAME minimisation
Please correct me if this is the incorrect place to ask this. I installed FTLDNS beta and unbound per the posted instructions (all of which worked quite well, so thanks to those who wrote them), within the last three weeks. Unbound V 1.6.0.
In my config directory (on my Pi running Stretch), there is a pre-installed “/etc/unbound/unbound.conf.d/qname-minimisation.conf” file, containing the following text:
# Send minimum amount of information to upstream servers to enhance
# privacy. Only sends minimum required labels of the QNAME and sets
# QTYPE to NS when possible.
# See RFC 7816 "DNS Query Name Minimisation to Improve Privacy" for # details. qname-minimisation: yes.
All the files in this directory are included in “/etc/unbound/unbound.conf” via an "include: “/etc/unbound/unbound.conf.d/*.conf” command line.
So, from what I can see, unbound should be running with QNAME minimisation ON. Unbound is working and finding DNS addresses.
My question - how can I verify that unbound is actually using QNAME minimisation? Is there a log file or status command that would verify this? I’ve searched through MAN unbound and MAN unbound-control but haven’t found a way. Any help from the unbound experts (or referral to the correct place) would be appreciated.