Random related observation: If a network-related program is running (unexpectedly) slowly, you should suspect DNS.
Kind of reminds me of the old nscd – except just for dns instead of all of nss/passwd/group and whatever else nscd did too.
Aside: I wonder what benefit there is here to using an inet udp socket vs a unix domain socket… Ability to chroot? No need to also have a “file” pledge?
How does one configure it? Does resolv.conf point to rebound or to rebound’s forward server(s)?
Somewhat undecided. Right now it just reads an IP address out of rebound.conf but if rebound becomes “the resolver” then perhaps it will read resolv.conf instead.