Tutorial Unbound
From NREN
Unbound is a FOSS (Free and Open-source software) validating, recursive, and caching DNS resolver product from NLnet Labs.
Features
- Caching resolver with prefetching of popular items before they expire
- DNS over TLS forwarding and server, with domain-validation[2]
- DNS over HTTPS[3][4]
- Query Name Minimization[5]
- Aggressive Use of DNSSEC-Validated Cache[6]
- Authority zones, for a local copy of the root zone[7]
- DNS64
- DNSCrypt[8]
- DNSSEC validating
- EDNS Client Subnet
TL;DR
sudo apt install -y unbound
Step-by-step Tutorial
- Login to your server
- Install package Unbound
sudo apt install -y unbound
Testing
To check if unbound is working fine:
dig @127.0.0.1 yahoo.com
Go through the output:
labuser@labmachine:~$ dig @localhost yahoo.com ; <<>> DiG 9.18.24-1-Debian <<>> @localhost yahoo.com ; (2 servers found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26347 ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;yahoo.com. IN A ;; ANSWER SECTION: yahoo.com. 1428 IN A 74.6.143.25 yahoo.com. 1428 IN A 74.6.231.21 yahoo.com. 1428 IN A 98.137.11.164 yahoo.com. 1428 IN A 98.137.11.163 yahoo.com. 1428 IN A 74.6.143.26 yahoo.com. 1428 IN A 74.6.231.20 ;; Query time: 0 msec ;; SERVER: ::1#53(localhost) (UDP) ;; WHEN: Thu Jul 25 11:01:56 UTC 2024 ;; MSG SIZE rcvd: 134
