Unbound-1.4.22
Introduction to Unbound
Unbound is a validating,
recursive, and caching DNS resolver. It is designed as a set of
modular components that incorporate modern features, such as
enhanced security (DNSSEC) validation, Internet Protocol Version 6
(IPv6), and a client resolver library API as an integral part of
the architecture.
This package is known to build and work properly using an LFS-7.6
systemd platform.
Package Information
-
Download (HTTP): http://www.unbound.net/downloads/unbound-1.4.22.tar.gz
-
Download MD5 sum: 59728c74fef8783f8bad1d7451eba97f
-
Download size: 4.6 MB
-
Estimated disk space required: 42 MB (additional 70 MB for
docs and 5 MB for tests)
-
Estimated build time: 0.6 SBU (additional less than 0.1 SBU
for docs and 0.2 SBU for tests)
Unbound Dependencies
Required
ldns-1.6.17 and OpenSSL-1.0.1i
Optional
libevent-2.0.21, Python-2.7.8,
SWIG-3.0.2 (for Python bindings), and Doxygen-1.8.8 (for html documentation)
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/unbound
Installation of Unbound
There should be a dedicated user and group to take control of the
unbound daemon after
it is started. Issue the following commands as the root
user:
groupadd -g 88 unbound &&
useradd -c "Unbound DNS resolver" -d /var/lib/unbound -u 88 \
-g unbound -s /bin/false unbound
Install Unbound by running the
following commands:
./configure --prefix=/usr \
--sysconfdir=/etc \
--disable-static \
--with-pidfile=/run/unbound.pid &&
make
If you have Doxygen-1.8.8 package installed and want to
build html documentation, run the following command:
make doc
To test the results, issue make
check.
Now, as the root
user:
make install &&
mv -v /usr/sbin/unbound-host /usr/bin/
If you built html documentation, install it by running the
following commands as the root
user:
install -v -m755 -d /usr/share/doc/unbound-1.4.22 &&
install -v -m644 doc/html/* /usr/share/doc/unbound-1.4.22
Command Explanations
--disable-static
: This
switch prevents installation of static versions of the libraries.
--with-libevent
: This switch enables
libevent support allowing use of large outgoing port ranges.
--with-pyunbound
: This switch enables
building of the Python bindings.
Configuring Unbound
Config Files
/etc/unbound/unbound.conf
Configuration Information
In the default configuration, unbound will bind to localhost
(127.0.0.1 IP address) and allow recursive queries only from
localhost clients. If you want to use unbound for local DNS
resolution, run the following command as the root
user:
echo "nameserver 127.0.0.1" > /etc/resolv.conf
If you are using a DHCP client for connecting to a network,
/etc/resolv.conf
gets overwritten
with values provided by DHCP server. You can override this, for
example in DHCP-4.3.1, by running the following command:
sed -i '/request /i\supersede domain-name-servers 127.0.0.1;' \
/etc/dhcp/dhclient.conf
For advanced configuration see /etc/unbound/unbound.conf
file and the
documentation.
Systemd Units
To start the unbound daemon at boot, install
the systemd unit from the blfs-systemd-units-20140907 package by
running the following command as the root
user:
make install-unbound
Contents
Installed Programs:
unbound, unbound-anchor,
unbound-checkconf, unbound-control, unbound-control-setup, and
unbound-host
Installed Library:
libunbound.so and
/usr/lib/python2.7/site-packages/_unbound.so
Installed Directories:
/etc/unbound and
/usr/share/doc/unbound-1.4.22
Short Descriptions
unbound
|
is a DNS resolver daemon.
|
unbound-anchor
|
performs setup or update of the root trust anchor for
DNSSEC validation.
|
unbound-checkconf
|
checks unbound configuration
file for syntax and other errors.
|
unbound-control
|
performs remote administration on the unbound DNS resolver.
|
unbound-control-setup
|
generates self-signed certificate and private keys for
the server and client.
|
unbound-host
|
is a DNS lookup utility similar to host from BIND Utilities-9.10.0-P2.
|
libunbound.so
|
provides the Unbound API
functions to programs.
|
Last updated on 2013-07-21 21:06:50 +0200