Difference between revisions of "Unbound"

From ArchWiki
Jump to: navigation, search
m (Adding named to boot process: Wrong server name fix)
m (Installation: Linked packages)
Line 6: Line 6:
 
==Installation==
 
==Installation==
  
Install unbound, and expat which is dependency for [[DNSSEC]]:
+
Install {{Pkg|unbound}}, and {{Pkg|expat}} which is dependency for [[DNSSEC]]:
 
  pacman -S unbound expat
 
  pacman -S unbound expat
  

Revision as of 13:12, 27 February 2012


Unbound is a validating, recursive, and caching DNS resolver.

Installation

Install unbound, and expat which is dependency for DNSSEC:

pacman -S unbound expat

Basic configuration

Unbound configuration

Unbound is easy to configure. Following configuration placed in /etc/unbound/unbound.conf is enough to run on both IPv4 and IPv6 without access restrictions:

server:
  username: "unbound"
  directory: "/etc/unbound"
  use-syslog: yes
  interface: 0.0.0.0
  interface: ::0
  verbosity: 1

To use specific servers for default forward zone (all queries will be forwarded to them, and then cached) add this to the configuration file:

forward-zone:
  name: "."
  forward-addr: 208.67.222.222
  forward-addr: 208.67.220.220

This will make unbound use OpenDNS servers as forward zone.

Adding unbound to boot process

Edit /etc/rc.conf (See also rc.conf):

DAEMONS=(.. unbound ..)

Place unbound before daemons that require network access.

Set /etc/resolv.conf to use the local DNS server

Edit /etc/resolv.conf (See also resolv.conf):

nameserver 127.0.0.1