/ Server / Debian Router - Unbound Dns Server Setup


Published:2015-06-12T13:23:24Z Edited:2017-06-22T13:23:24Z
In the previous artilce we've configured network interfaces, so by now debian box is connected to internet through WAN-AP on eth0 and to local network throuch LAN-AP on eth1. Today we'll setup unbound dns server to serve dns queries for our awesome LAN clients.
 
 
In this debian router articles series also:
  1. Introduction.
  2. Hardware Requirements.
  3. Software installation.
  4. Basic Setup.
  5. /etc/network/Interfaces Configuration.
  6. Unbound dns server setup. (We are Here!)
  7. DHCP server setup.
  8. Squid setup.
  9. Final step iptables and sysctl.conf configuration.

 

Lets consider we have /etc/unbound directory with the following files structure

/etc/unbound
├── forward.conf
├── server.conf
├── unbound.conf
├── unbound.conf.d
│   ├── qname-minimisation.conf
│   └── root-auto-trust-anchor-file.conf
├── unbound_control.key
├── unbound_control.pem
├── unbound_server.key
└── unbound_server.pem

We need unbound to listen on eth1 ( 10.5.5.1 ) as well as lo ( 127.0.0.1 )
Lets modify /etc/unbound/server.conf so its look like the following:
 
server:
 directory: "/etc/unbound"
 username: unbound
 interface: 127.0.0.1
interface: 10.5.5.1 logfile: "/var/log/unbound.log" pidfile: "/var/run/unbound.pid" prefetch: yes prefetch-key: yes minimal-responses: yes
 
Also lets setup upstream dns servers, which unbound will get dns data from, feel free to add or remove as you pleased,
its recommended to put the most reliable dns servers first. We will use Yandex family dns for example so
we modify /etc/unbound/forward.conf as follows:
 
forward-zone:
 name: "."
 # yandex family dns
 forward-addr: 77.88.8.7
 forward-addr: 77.88.8.3
Now we need to include those two files in /etc/unbound/unbound.conf so its look like the following more or less debending on your configuration.
 
# Unbound configuration file for Debian.
#
# See the unbound.conf(5) man page.
#
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
# reference config file.
#
# The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory.
#include: "/etc/unbound/unbound.conf.d/*.conf"
include: "/etc/unbound/server.conf"
include: "/etc/unbound/forward.conf"

Next we need to restart unbound by running the following command:
 
service unbound restart
 
 
Next
Previous
Debian Router - Squid setup
Tags