Compdigitec Labs


Simple recursive DNS server with Unbound DNS

By admin | July 30, 2020

This is a simple configuration for running the Unbound DNS server as a recursive DNS server for its clients: it passes their DNS requests to another (upstream) server and caches the responses.

Installation (Ubuntu):

sudo apt-get install -y unbound

Open the configuration file

sudo vim /etc/unbound/unbound.conf

Configuration

Replace 8.8.8.8 below with the desired upstream DNS server.

# The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory.
#include: "/etc/unbound/unbound.conf.d/*.conf"
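# NOTE: needed to comment out the above line to avoid a "status: SERVFAIL" response.
# On Ubuntu that directory holds root-auto-trust-anchor-file.conf, so with the
# include commented out Unbound does not perform DNSSEC validation.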

server:
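    # Enable verbose debugging messages. Unbound documents levels 0 to 5
    # (default 1); high levels log per-query detail, so lower this after debugging.
    verbosity: 1000

    # Run on all interfaces
    interface: 0.0.0.0

    # Hide the server name and version
    hide-identity: yes
    hide-version: yes

    # Who should be able to query the server.
    # 0.0.0.0/0 lets any host that can reach this machine use it (an open
    # resolver); narrow it to your own clients, e.g. 192.168.1.0/24 allow
    access-control: 0.0.0.0/0 allow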

    do-ip4: yes
    do-ip6: no

    do-udp: yes
    # Enable this to support TCP DNS which is required in some applications
    do-tcp: yes

    # Allow forwarding to another 127.0.0.0/8 DNS server (e.g. another local dnsmasq or systemd-resolve)
    do-not-query-localhost: no

forward-zone:
    name: "."
    # Replace 8.8.8.8 with your desired upstream DNS server
    # You can have multiple forward-addr lines
    forward-addr: 8.8.8.8@53

Starting the server

sudo systemctl restart unbound

Debugging / Troubleshooting

Query the server

dig @your_server_here example.com

Read the DNS server log

sudo systemctl status unbound -n 50
