Setting up Unbound as an recursive caching DNS server
Unbound has been setup with the motivation of providing:
- fast DNS resolution
- IPv6 support
- easy to configure and maintain
Unbound is part of the Fedora distribution, and for RHEL/CentOS it is part of the EPEL repository.
# yum install unbound
Configure the server for internal use only, bound to a specific address with the configuration file '/etc/unbound/unbound.conf':
server:
verbosity: 1
num-threads: 2
interface: 10.20.2.5
interface: 2001:4428:225:2::5
access-control: 0.0.0.0/0 refuse
access-control: 10.20.0.0/16 allow
access-control: 127.0.0.0/8 allow
access-control: ::0/0 refuse
access-control: ::1 allow
access-control: ::ffff:127.0.0.1 allow
access-control: fe80::/10 allow
access-control: 2001:4428:225::0/48 allow
local-zone: "20.10.in-addr.arpa." transparent
stub-zone:
name: "lucidsolutions.co.nz"
stub-addr: 2001:4428:225:2::3
stub-addr: 10.20.2.3
stub-zone:
name: "20.10.in-addr.arpa"
stub-addr: 2001:4428:225:2::3
stub-addr: 10.20.2.3
stub-zone:
name: "5.2.2.0.8.2.4.4.1.0.0.2.ip6.arpa"
stub-addr: 2001:4428:225:2::3
stub-addr: 10.20.2.3
Start the unbound service
# service unbound start
Links
Appendices
CentOS 5 RPM Installation
Dependencies Resolved ========================================================================================= Package Arch Version Repository Size ========================================================================================= Installing: unbound x86_64 1.4.4-1.el5 epel 814 k Installing for dependencies: ldns x86_64 1.6.4-4.el5 epel 447 k libevent x86_64 1.4.13-1 base 112 k libpcap x86_64 14:0.9.4-15.el5 base 109 k unbound-libs x86_64 1.4.4-1.el5 epel 261 k Transaction Summary ========================================================================================= Install 5 Package(s) Upgrade 0 Package(s) Total download size: 1.7 M
