maxime:openbsd:docs:unbound

Installation

blah

Fichier de configuration

root-hints: "/etc/unbound/root.hints"

        local-zone: "0.10.in-addr.arpa." nodefault
        local-zone: "1.10.in-addr.arpa." nodefault
#       local-zone: "2.10.in-addr.arpa." nodefault
        local-zone: "3.10.in-addr.arpa." nodefault
        local-zone: "4.10.in-addr.arpa." nodefault
        local-zone: "5.10.in-addr.arpa." nodefault
        local-zone: "example.domain.com." nodefault

stub-zone:
        name: "1.10.in-addr.arpa."
        stub-addr: 10.4.1.1@5353
        stub-addr: 10.4.1.2@5353

#stub-zone:
#       name: "2.10.in-addr.arpa."
#       stub-addr: 10.4.1.1@5353
#       stub-addr: 10.4.1.2@5353

stub-zone:
        name: "3.10.in-addr.arpa."
        stub-addr: 10.4.1.1@5353
        stub-addr: 10.4.1.2@5353

stub-zone:
        name: "4.10.in-addr.arpa."
        stub-addr: 10.4.1.1@5353
        stub-addr: 10.4.1.2@5353

stub-zone:
        name: "5.10.in-addr.arpa."
        stub-addr: 10.4.1.1@5353
        stub-addr: 10.4.1.2@5353

stub-zone:
        name: "example.domain.com."
        stub-addr: 10.4.1.1@5353
        stub-addr: 10.4.1.2@5353

Configuration

The official list of the DNS root servers needs to be up-to-date (the Internet access provider or organizations like Google may provide DNS servers but it is always advisable to get information straight from the DNS root servers).

wget ftp://FTP.INTERNIC.NET/domain/named.cache -O /etc/unbound/root.hints

Edit unbound.conf to configure the service as wished.

If there is an authoritative DNS server behind Unbound (like NSD for example), serving local (or maybe even public) zones for the local network, then the relevant zones have to be declared as local-zone and stub-zone in unbound.conf:

Mise à jour

blah

Bibliographie

  • maxime/openbsd/docs/unbound.txt
  • Dernière modification: 2021/10/08 00:17
  • (modification externe)