95 lines
1.9 KiB
Markdown
95 lines
1.9 KiB
Markdown
```sh
|
|
sudo apt update &&
|
|
sudo apt install unbound -y &&
|
|
unbound -V
|
|
```
|
|
|
|
```sh
|
|
sudo systemctl start unbound &&
|
|
sudo systemctl enable unbound &&
|
|
sudo systemctl status unbound
|
|
```
|
|
On Windows configuration is:
|
|
|
|
```yaml
|
|
server:
|
|
verbosity: 4
|
|
qname-minimisation: no
|
|
interface: 127.0.0.1
|
|
do-ip6: no
|
|
do-ip4: yes
|
|
logfile: "C:\unbound.log"
|
|
domain-insecure: "test."
|
|
domain-insecure: "local."
|
|
domain-insecure: "pizza."
|
|
auto-trust-anchor-file: "C:\Program Files\Unbound\root.key"
|
|
private-address: ::/0
|
|
harden-dnssec-stripped: no
|
|
harden-referral-path: no
|
|
|
|
# Явно указываем, что зона "test." не локальная
|
|
local-zone: "test." transparent
|
|
|
|
forward-zone:
|
|
name: "test."
|
|
forward-addr: 192.168.200.85@5300
|
|
|
|
forward-zone:
|
|
name: "local."
|
|
forward-addr: 192.168.200.85@5300
|
|
|
|
forward-zone:
|
|
name: "pizza."
|
|
forward-addr: 10.101.1.31@53
|
|
|
|
forward-zone:
|
|
name: "srv."
|
|
forward-addr: 10.101.1.31@53
|
|
|
|
remote-control:
|
|
control-enable: yes
|
|
control-interface: 127.0.0.1
|
|
control-use-cert: no
|
|
```
|
|
|
|
On Linux conf file devide on anoter files
|
|
```sh
|
|
sudo mcedit /etc/unbound/unbound.conf
|
|
```
|
|
|
|
```sh
|
|
cd /etc/unbound/ &&
|
|
sudo mc
|
|
```
|
|
|
|
Получить полный список локальных зон можно так: unbound-control
|
|
```sh
|
|
unbound-control list_local_zones
|
|
```
|
|
|
|
```sh
|
|
sudo systemctl restart unbound
|
|
```
|
|
|
|
```sh
|
|
sudo systemctl status unbound.service
|
|
```
|
|
```sh
|
|
sudo journalctl -xeu unbound.service
|
|
```
|
|
|
|
Check on errors:
|
|
```sh
|
|
sudo unbound-checkconf /etc/unbound/unbound.conf
|
|
```
|
|
|
|
|
|
Прописываем для определенного интерфейса:
|
|
```sh
|
|
sudo resolvectl dns wlp14s0 127.0.0.1
|
|
```
|
|
Проверяем что стоит в качестве NDS резольвера
|
|
```sh
|
|
resolvectl status
|
|
```
|