IRCNow

You are here: start » irc » openbsd » unbound

This is an old revision of the document!

Unbound is a caching DNS resolver that comes as a part of OpenBSD base. You can use this to provide faster as well as more secure DNS lookup for the users on your network.

Here's a sample /var/unbound/etc/unbound.conf: 

server:
        interface: 127.0.0.1 # listen on localhost
        interface: 192.168.1.1 # listen on 192.168.1.1 to provide DNS for users on a network
        interface: ::1
        #do-ip6: no

        access-control: 0.0.0.0/0 refuse # block all users by default
        access-control: 127.0.0.0/8 allow # allow localhost to use unbound
        access-control: 192.168.0.0/16 allow # allow users on your network to use unbound
        access-control: ::0/0 refuse # block all IPv6 users by default
        access-control: ::1 allow # allow IPv6 localhost to use unbound

        hide-identity: yes
        hide-version: yes

remote-control:
        control-enable: yes
        control-interface: /var/run/unbound.sock

forward-zone:
        name: "."
forward-addr: 185.117.154.144
forward-addr: 165.227.40.43
forward-addr: 217.144.132.169
forward-addr: 212.237.22.141
forward-addr: 165.227.108.86

The forward-addr lines indicate which nameserver unbound will query. You can find a list of public servers on OpenNIC.

Last modified: 2019/11/15 02:49
Except where otherwise noted, content on this wiki is licensed under the following license: IRCNow
Translations of this page: