Installation
[root@rhce-server ~]# yum install unbound
Configure Systemd
[root@rhce-server ~]# systemctl enable unbound ln -s '/usr/lib/systemd/system/unbound.service' '/etc/systemd/system/multi-user.target.wants/unbound.service' [root@rhce-server ~]# ^enable^start systemctl start unbound
Configure the Firewall
[root@rhce-server ~]# firewall-cmd --add-service=dns success [root@rhce-server ~]# firewall-cmd --add-service=dns --permanent success
Configure Unbound
Unbound’s configuration is stored in /etc/unbound/unbound.conf.By default unbound only listens on the loopback interface. Specify which interface you would like to use.
interface: 192.168.1.22Allow queries from 192.168.1.0/24.
access-control: 192.168.1.0/24 allowDisable DNSSEC.
domain-insecure: *Forward uncached requests to OpenDNS.
forward-zone: name: * forward-addr: 208.67.222.222 forward-addr: 208.67.220.220
Check Your Configuration
[root@rhce-server ~]# unbound-checkconf unbound-checkconf: no errors in /etc/unbound/unbound.conf
Restart the Unbound Service
[root@rhce-server ~]# systemctl restart unbound
Verify it is Working
Test from a different system on the network.mooose:~ jglemza$ dig fark.com A @192.168.1.22 ; <<>> DiG 9.8.3-P1 <<>> fark.com A @192.168.1.22 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60299 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;fark.com. IN A ;; ANSWER SECTION: fark.com. 43200 IN A 64.191.171.200 ;; Query time: 234 msec ;; SERVER: 192.168.1.22#53(192.168.1.22) ;; WHEN: Sat Mar 21 13:16:54 2015 ;; MSG SIZE rcvd: 42Verify the record is now in unbound’s cache.
[root@rhce-server ~]# unbound-control dump_cache|grep fark.com ns2.fark.com. 43197 IN A 23.253.56.58 fark.com. 43197 IN A 64.191.171.200 ns1.fark.com. 43197 IN A 64.191.171.194 fark.com. 43197 IN NS ns1.fark.com. fark.com. 43197 IN NS ns2.fark.com. ...
As per the man page, name should be "." (with the quotes) not * in this config snippet :
ReplyDeleteforward-zone:
name: "."
forward-addr: 208.67.222.222
forward-addr: 208.67.220.220