Configuring openresolv

/etc/resolvconf.conf is the openresolv's configuration file. The out of the box default just talks to libc. If you have a resolver other than libc installed, you will need to configure three variables. Below is a sample configuration for dnsmasq, pdns_recursor and named resolvers.

# Use the local name server
name_servers=127.0.0.1

# If don't want to forward the root zone and let the local resolver
# recursively query the root servers directly,
# simply mark all interfaces private.
# You may need to do this if you enable DNSSEC in the local resolver but the
# upstream DNS servers say from your router or ISP don't support DNSSEC.
#private_interfaces="*"

# Write out dnsmasq extended configuration and resolv files
dnsmasq_conf=/etc/dnsmasq-conf.conf
dnsmasq_resolv=/etc/dnsmasq-resolv.conf

# Modify the pdnsd configuration file
pdnsd_conf=/etc/pdnsd.conf

# Write out PowerDNS Recursor forward zones file
pdns_zones=/etc/recursor-zones.conf

# Write out named extended configuration and zone files
named_options=/etc/namedb/resolvconf-options.conf
named_zones=/etc/namedb/resolvconf-zones.conf

# Write out unbound configuration file
unbound_conf=/etc/unbound-resolvconf.conf

You then need to configure your resolver to use these files. There are some sample resolver configs below, with quick links to each one at the top of this page.

Unbound configuration

A simple local resolver configuration for Unbound

include: "/etc/unbound-resolvconf.conf"

server:
    pidfile:    "/var/run/unbound.pid"

    #Allow reverse IPv4 local network queries
    local-zone: "10.in-addr.arpa." nodefault
    local-zone: "168.192.in-addr.arpa." nodefault

dnsmasq configuration

A simple local resolver configuration for dnsmasq

domain-needed
interface=lo
# If dnsmasq is compiled for DBus then we can take
# advantage of not having to restart dnsmasq.
enable-dbus
conf-file=/etc/dnsmasq-conf.conf
resolv-file=/etc/dnsmasq-resolv.conf

named configuration

A simple local resolver file for BIND (named).

options {
        # This directory is distribution dependent - it's commonly /etc/bind as well
        directory "/etc/namedb";
        listen-on {
                127.0.0.1;
        };
        allow-recursion { localhost; localnets; };
        include "resolvconf-options.conf";
};
include "resolvconf-zones.conf";

# The below options are only here for completeness.
# They are taken from the stock NetBSD install and may not
# apply to your distribution configuration.
zone "." {
        type hint;
        file "root.cache";
};

zone "localhost" {
        type master;
        file "localhost";
};

zone "127.IN-ADDR.ARPA" {
        type master;
        file "127";
};

zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" {
        type master;
        file "loopback.v6";
};

pdnsd configuration

A simple local resolver configuration for pdnsd

global {
     server_ip = 127.0.0.1;
     status_ctl = on;
}

server {
     # A server definition is required, even if emtpy.
     label="empty";
     proxy_only=on;
     # If this configuation is read-only then you can include a resolv.conf
     # style file using the below directive if you enable pdnsd_resolv in resolvconf.conf
     # file="/etc/pdnsd-resolv.conf";
}

PowerDNS Recursor configuration

A simple local resolver configuration for PowerDNS Recursor

allow-from=127.0.0.0/8, ::1/128
forward-zones-file=/etc/recusor-zones.conf

This subscriber is not installed by default because it has a very limited use and is only slightly better than libc.
However, it is included in the source tarball if it of use to you or you can improve it.