Debian Router - Unbound Dns Server Setup

Updated:2021-12-03
Share:
In the previous artilce we've configured network interfaces, so by now debian box is connected to internet through WAN-AP on eth0 and to local network throuch LAN-AP on eth1. Today we'll setup unbound dns server to serve dns queries for our awesome LAN clients.
 
 
In this debian router articles series also:
  1. Introduction.
  2. Hardware Requirements.
  3. Software installation.
  4. Basic Setup.
  5. /etc/network/Interfaces Configuration.
  6. Unbound dns server setup. (We are Here!)
  7. DHCP server setup.
  8. Squid setup.
  9. Final step iptables and sysctl.conf configuration.

 

Lets consider we have /etc/unbound directory with the following files structure

/etc/unbound
├── forward.conf
├── server.conf
├── unbound.conf
├── unbound.conf.d
│   ├── qname-minimisation.conf
│   └── root-auto-trust-anchor-file.conf
├── unbound_control.key
├── unbound_control.pem
├── unbound_server.key
└── unbound_server.pem

We need unbound to listen on eth1 ( 10.5.5.1 ) as well as lo ( 127.0.0.1 )
Lets modify /etc/unbound/server.conf so its look like the following:
 
server:
   directory: "/etc/unbound"
   username: unbound
   interface: 127.0.0.1
interface: 10.5.5.1 logfile: "/var/log/unbound.log" pidfile: "/var/run/unbound.pid" prefetch: yes prefetch-key: yes minimal-responses: yes
 
Also lets setup upstream dns servers, which unbound will get dns data from, feel free to add or remove as you pleased,
its recommended to put the most reliable dns servers first. We will use Yandex family dns for example so
we modify /etc/unbound/forward.conf as follows:
 
forward-zone:
	name: "."
	# yandex family dns
	forward-addr: 77.88.8.7
	forward-addr: 77.88.8.3
Now we need to include those two files in /etc/unbound/unbound.conf so its look like the following more or less debending on your configuration.
 
# Unbound configuration file for Debian.
#
# See the unbound.conf(5) man page.
#
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
# reference config file.
#
# The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory.
#include: "/etc/unbound/unbound.conf.d/*.conf"
include: "/etc/unbound/server.conf"
include: "/etc/unbound/forward.conf"

Next we need to restart unbound by running the following command:
 
service unbound restart
 

Read also

Debian Router - Dhcp Server Setup

We've learned  previously  how to set up unbound dns server as caching dns server for our LAN users, in this article we'll configure dhcp server from which a unique ip address for each client assigned as a bonus automatically configure dns server settings for them.     In this debian router articles series also: Introduction . Hardware Requirements . Software installation . Basic Setup . /etc/network/Interfaces Configuration . Unbound dns server ...

Debian Router - Setup

In this articles series you will learn how to setup Linux (Debian) as a Router for home/business local networks, to spice things I'll show how to add dns server, proxy/web caching server, and basic web traffic filter to our cute debian box.   In this series I'll go over: Introduction . Hardware Requirements . Software installation . Basic Setup . /etc/network/Interfaces Configuration . Unbound dns server setup . DHCP server setup . Squid setup. Final step i...

Debian Router - Squid Setup

We've configured the dhcp server , so what's for today?! Today we'll configure Squid for caching web traffic and access control.     In this debian router articles series also: Introduction . Hardware Requirements . Software installation . Basic Setup . /etc/network/Interfaces Configuration . Unbound dns server setup . DHCP server setup .  Squid setup . ( We are Here! ) Final step iptables and sysctl.conf configuration .   ...

Debian Router - Network Interfaces Configuration

In preparation of using debian as a router, We'll configure network interfaces, after performing initial setup .     In this debian router articles series also: Introduction . Hardware Requirements . Software installation . Basic Setup . /etc/network/Interfaces Configuration. ( We are Here! ) Unbound dns server setup . DHCP server setup . Squid setup. Final step iptables and sysctl.conf configuration .   We'll modify /etc/network/inter...

Debian Router - Iptables And Sysctl.Conf Configuration

Tody we'll finish configuring our awesome router, in the previous article we'd configured squid proxy, in this article we'll pass all LAN traffic through squid using iptables.    In this debian router articles series also: Introduction . Hardware Requirements . Software installation . Basic Setup . /etc/network/Interfaces Configuration . Unbound dns server setup . DHCP server setup .  Squid setup .  Final step iptables and sysctl.conf c...