Thursday, 06 February 2025

Install Unbound DNS as a DNS Forwarder and Cache on Ubuntu 22.04

Unbound is a lightweight, fast, and secure DNS resolver. In this tutorial, we will install and configure Unbound as a DNS forwarder and cache that connects directly to the root DNS servers on Ubuntu 22.04.

Step 1: Update the System

First, ensure your system is up-to-date by running the following commands:

sudo apt update
sudo apt upgrade -y

Step 2: Install Unbound

Install Unbound using the apt package manager:

sudo apt install unbound -y

Step 3: Configure Unbound

After installation, we need to configure Unbound to function as a DNS forwarder and cache.

1. Back Up the Default Configuration

Before making changes, it’s recommended to back up the default configuration file:

sudo cp /etc/unbound/unbound.conf /etc/unbound/unbound.conf.bak

2. Edit the Unbound Configuration File

Open the Unbound configuration file with a text editor like nano:

sudo nano /etc/unbound/unbound.conf

3. Add Forwarder and Cache Configuration

Add or edit the following section in the configuration file:

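server:
    # Listen on all interfaces. Unbound still answers only localhost
    # unless access-control lines allow other networks.
    interface: 0.0.0.0
    interface: ::0

    # Clamp cached TTLs to between 1 hour and 1 day
    cache-min-ttl: 3600
    cache-max-ttl: 86400

    # Use root hints for DNS resolution
    root-hints: "/var/lib/unbound/root.hints"

    # Enable prefetching to improve performance
    prefetch: yes

    # Enable DNSSEC validation
    auto-trust-anchor-file: "/var/lib/unbound/root.key"
    # 0 is the default and leaves the date-override debugging option off
    val-override-date: 0

# Forward queries to upstream DNS servers.
# forward-zone is its own top-level clause, not an option of server:
forward-zone:
    name: "."
    forward-addr: 8.8.8.8
    forward-addr: 8.8.4.4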

You can replace 8.8.8.8 and 8.8.4.4 with other DNS servers of your choice.

4. Download Root Hints

Unbound requires a root hints file for DNS resolution. Download the root hints file using the following command:

sudo wget -O /var/lib/unbound/root.hints https://www.internic.net/domain/named.cache

Step 4: Restart and Enable Unbound

After completing the configuration, restart Unbound and enable it to start on boot:

sudo systemctl restart unbound
sudo systemctl enable unbound

Step 5: Test the Configuration

To ensure Unbound is working correctly, you can test it using the dig command:

dig @127.0.0.1 google.com

If the configuration is successful, you will see the DNS query result from Unbound.

Step 6: Configure Clients to Use Unbound

Finally, configure your clients or devices to use Unbound as the DNS server. You can change the DNS settings on your router or on individual devices.
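
The configuration in Step 3 listens on all interfaces, so which clients actually get answers depends on access-control lines: with none, Unbound answers only localhost, and a blanket allow makes the server an open resolver. The script below is an added example, not part of the original tutorial, that classifies a configuration file accordingly. The sample files and the 192.168.1.0/24 client subnet are constructed assumptions, and the script reads a single file without following include: directives.

```shell
#!/bin/sh
# Added example: classify who an unbound.conf will answer.
# Prints one word:
#   local-only  no wildcard listener
#   refused     wildcard listener, no allow rule beyond localhost
#   restricted  wildcard listener, allow rules for specific networks only
#   open        wildcard listener and an allow rule for 0.0.0.0/0 or ::/0
audit_unbound_conf() {
    awk '
        { sub(/#.*/, "") }    # strip comments before matching
        $1 == "interface:" && $2 ~ /^(0\.0\.0\.0|::0?)(@[0-9]+)?$/ { wild = 1 }
        $1 == "access-control:" && $3 ~ /^allow/ {
            if ($2 == "0.0.0.0/0" || $2 == "::/0" || $2 == "::0/0") open = 1
            else if ($2 !~ /^127\./ && $2 !~ /^::1(\/128)?$/) lan = 1
        }
        END {
            if (!wild)     print "local-only"
            else if (open) print "open"
            else if (lan)  print "restricted"
            else           print "refused"
        }' "$1"
}

# Constructed samples: the tutorial's listener lines, optionally followed
# by an ACL. 192.168.1.0/24 is an assumed client subnet.
sample_conf() {
    f=$(mktemp)
    printf 'server:\n    interface: 0.0.0.0\n    interface: ::0\n' > "$f"
    case "$1" in
        lan)  printf '    access-control: 192.168.1.0/24 allow\n' >> "$f" ;;
        open) printf '    access-control: 0.0.0.0/0 allow\n' >> "$f" ;;
    esac
    echo "$f"
}

for kind in tutorial lan open; do
    conf=$(sample_conf "$kind")
    echo "$kind: $(audit_unbound_conf "$conf")"
    rm -f "$conf"
done
```

A result of refused means remote clients will be turned away until an access-control line allows their network; a result of open means anyone who can reach port 53 can use the resolver.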

Conclusion

By following this tutorial, you have successfully installed and configured Unbound as a DNS forwarder and cache on Ubuntu 22.04. Unbound will help improve the speed and security of your DNS resolution.
