In the previous article we configured the network interfaces, so by now the Debian box is connected to the internet through WAN-AP on eth0 and to the local network through LAN-AP on eth1. Today we'll set up the unbound DNS server to serve DNS queries for our awesome LAN clients.
Also in this Debian router article series:
- Hardware Requirements.
- Software installation.
- Basic Setup.
- /etc/network/Interfaces Configuration.
- Unbound dns server setup. (We are Here!)
- DHCP server setup.
- Squid setup.
- Final step iptables and sysctl.conf configuration.
Let's assume the /etc/unbound directory has the following file structure:
│ ├── qname-minimisation.conf
│ └── root-auto-trust-anchor-file.conf
We need unbound to listen on eth1 (10.5.5.1) as well as lo (127.0.0.1).
Let's modify /etc/unbound/server.conf so it looks like the following:
    server:
        directory: "/etc/unbound"
        username: unbound
        interface: 127.0.0.1
        interface: 10.5.5.1
        logfile: "/var/log/unbound.log"
        pidfile: "/var/run/unbound.pid"
        prefetch: yes
        prefetch-key: yes
        minimal-responses: yes
Next, let's set up the upstream DNS servers that unbound will get its DNS data from. Feel free to add or remove servers as you please; it is recommended to put the most reliable DNS servers first. We will use Yandex Family DNS as an example, so we modify /etc/unbound/forward.conf as follows:
    forward-zone:
        name: "."
        # yandex family dns
        forward-addr: 126.96.36.199
        forward-addr: 188.8.131.52
Now we need to include those two files in /etc/unbound/unbound.conf so that it looks more or less like the following, depending on your configuration:
    # Unbound configuration file for Debian.
    #
    # See the unbound.conf(5) man page.
    #
    # See /usr/share/doc/unbound/examples/unbound.conf for a commented
    # reference config file.
    #
    # The following line includes additional configuration files from the
    # /etc/unbound/unbound.conf.d directory.
    #include: "/etc/unbound/unbound.conf.d/*.conf"
    include: "/etc/unbound/server.conf"
    include: "/etc/unbound/forward.conf"
Next we need to restart unbound by running the following command:
service unbound restart
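A check for the server.conf shown above, as an added example that is not part of the original article: unbound's default access-control answers only localhost and refuses every other source, so a listener on 10.5.5.1 needs a matching access-control line before LAN clients get answers. The 10.5.5.0/24 prefix and the parse/audit helper names are assumptions made for this example.

```python
import ipaddress

# Constructed sample: the article's server.conf (log/pid/prefetch lines omitted).
ARTICLE_CONF = """\
server:
    directory: "/etc/unbound"
    username: unbound
    interface: 127.0.0.1
    interface: 10.5.5.1
"""
# Assumption: the LAN behind eth1 is 10.5.5.0/24 (the article gives no netmask).
FIXED_CONF = ARTICLE_CONF + "    access-control: 10.5.5.0/24 allow\n"


def parse(text):
    """Return (key, value) pairs from unbound.conf-style text."""
    pairs = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments
        if ":" in line:
            key, value = line.split(":", 1)
            pairs.append((key.strip(), value.strip().strip('"')))
    return pairs


def audit(text):
    """Flag listeners no ACL serves, and ACLs that allow every source."""
    pairs, allowed, findings = parse(text), [], []
    for key, value in pairs:
        if key == "access-control":
            net, action = value.split()
            net = ipaddress.ip_network(net, strict=False)
            if action.startswith("allow"):
                allowed.append(net)
                if net.prefixlen == 0:
                    findings.append(f"{net} allow: any source that reaches a listener is answered")
    for key, value in pairs:
        if key != "interface":
            continue
        # Heuristic: the listener's own address stands in for clients on its subnet.
        addr = ipaddress.ip_address(value.split("@")[0])
        if not addr.is_loopback and not any(addr in net for net in allowed):
            findings.append(f"{addr}: no access-control allow covers it, clients get REFUSED")
    return findings


if __name__ == "__main__":
    for name, conf in (("article", ARTICLE_CONF), ("fixed", FIXED_CONF)):
        print(name, audit(conf) or "ok")
```

Keep the allowed prefix as narrow as the LAN itself; an allow for 0.0.0.0/0 makes the resolver answer any host that can reach the listener.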
Next DHCP server setup.