Setting up unbound DNS server: Difference between revisions
m (useful little word "not" :)) |
(remove the zone data, unbound is far more useful as caching-only) |
||
| Line 3: | Line 3: | ||
= Install = | = Install = | ||
Install the package: | |||
{{Cmd|apk add unbound}} | {{Cmd|apk add unbound}} | ||
= Configure = | = Configure = | ||
The following configuration is an example of a server | The following configuration is an example of a caching name server (in a production server, it's recommended to adjust the access-control parameter to limit to your network). | ||
* /etc/unbound/unbound.conf | * /etc/unbound/unbound.conf | ||
<pre> | <pre> | ||
server: | server: | ||
verbosity: 1 | verbosity: 1 | ||
interface: | interface: 10.0.0.1 | ||
do-ip4: yes | do-ip4: yes | ||
do-ip6: no | do-ip6: no | ||
| Line 23: | Line 20: | ||
do-daemonize: yes | do-daemonize: yes | ||
access-control: 0.0.0.0/0 allow | access-control: 0.0.0.0/0 allow | ||
python: | python: | ||
remote-control: | remote-control: | ||
control-enable: no | control-enable: no | ||
</pre> | </pre> | ||
| Line 72: | Line 31: | ||
/etc/init.d/unbound start}} | /etc/init.d/unbound start}} | ||
Test: | Test: | ||
{{Cmd|dig nl.alpinelinux.org @ | {{Cmd|dig nl.alpinelinux.org @10.0.0.1}} | ||
Revision as of 11:25, 1 January 2012
Unbound is a validating, recursive, and caching DNS resolver that supports DNSSEC.
Install
Install the package:
apk add unbound
Configure
The following configuration is an example of a caching name server (in a production server, it's recommended to adjust the access-control parameter to limit to your network).
- /etc/unbound/unbound.conf
server:
verbosity: 1
interface: 10.0.0.1
do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
do-daemonize: yes
access-control: 0.0.0.0/0 allow
python:
remote-control:
control-enable: no
Set auto-start, start and test the daemon
Set to auto-start then start unbound:
rc-update add unbound /etc/init.d/unbound start
Test:
dig nl.alpinelinux.org @10.0.0.1