Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [unbound]

Unbound is an open-source DNSSEC validating DNS resolver.

Unbound is an open-source BSD licensed caching DNS resolver developed by NLnet Labs, and is included in FreeBSD & OpenBSD's base installation.

In addition to validation, Unbound implements many enabled-by-default security features including hardening, cache poisoning prevention and zone overrides. Guides are available in the Documentation for configuration, and the underlying libunbound C library.

Documentation: https://www.unbound.net/documentation/index.html

Unbound(8) https://www.unbound.net/documentation/unbound.html

Unbound.conf(5) https://www.unbound.net/documentation/unbound.conf.html

63 questions
1
vote
1 answer

Best Practice for Unbound Caching DNS server

We have an Unbound caching server that was setup by another internal team. However, there is no logging enabled. I not only want this enabled for troubleshooting internal name resolution issues, but also to feed into a SIEM, and do other traffic…
user2386996
  • 11
  • 2
1
vote
1 answer

disable access-control for unbound DNS server

I have a public DNS server that obviously needs to respond to everyone and anyone. Setting up the access-control directive allowing access from every IP results in a "netblock too large" error. Does anyone know how I can disable access control for…
Balthasar
  • 113
  • 5
1
vote
1 answer

Unbound DNS resolver for a network

I'm actually trying to create a DNS resolver for my local network, to do so, I choosed to use unbound, so I installed it on an Arch Linux server, and it's working, but only for the local machine (127.0.0.1), not for the network (I want to open it to…
user342194
1
vote
1 answer

Which upstream servers is unbound using?

In order to have local DNSSEC validation, I set up a Raspberry Pi (having a static IP) with Raspian Jessie and unbound to offer a DNS server to my LAN. After I looked up some tutorials and howtos, I came up with this configuration that seems to…
comfreak
  • 1,451
  • 1
  • 21
  • 32
1
vote
1 answer

How to do parallel queries to the upstream DNS using Unbound?

Can I configure Unbound as forwarder but that it alway send a query to ALL upstream DNS servers that I configure and take as valid reply the first in arrive? Such feature exist in nsmasq pfSense: In pfSense 1.2.3 and later this behavior has been…
user120858
1
vote
1 answer

What could this extra 50ms latency be on my unbound DNS resolving server (Fedora)?

I have a discrepancy in query latency. It's not a problem, it's just strange enough to worry me. Client machine (Fedora 18) runs unbound-1.4.19-1.fc18.x86_64. Server machine (Debian 7 testing) runs unbound 1.4.17-2. Both are connected to the same…
sourcejedi
  • 1,050
  • 10
  • 19
1
vote
0 answers

how to make unbound hold many queries for non cached address to cache it first

I am looking for a way to make unbound hold queries for the same address lookup when it is not cached. It should let only one query to be processed, after that answer cached it can reply other queries from that cache. Is there such an option?
Çiçek Adam
  • 33
  • 4
1
vote
2 answers

Unbound sends recursive queries from default gateway

I am looking for an option that will make unbound to send recursive queries from a specific interface. Listening interface is easy, but I can't find asking interface option. I have 3 interfaces on my VM and I don't want unbound to ask from default…
Çiçek Adam
  • 33
  • 4
1
vote
1 answer

Runing unbound doh behind nginx

I'm trying to run unbound DoH behind nginx but I'm getting a 502 Bad Gateway error. In nginx log I have the following message: 2021/03/25 08:54:49 [error] 10052#10052: *1 upstream prematurely closed connection while reading response header from…
kuroneko
  • 121
  • 3
0
votes
1 answer

Measuring/monitoring Unbound Resolver Performance

I am running Unbound resolver on FreeBSD, and i am looking for a solution to measure its performance.sometimes there are some delays in regard of resolving domain names,and my customers are complaining. Also using Zabbix monitoring system to…
Zareh Kasparian
  • 517
  • 3
  • 17
0
votes
2 answers

unbound.service service unit slow start/restart on 1 VM and fast on another

I am debugging an issue with Unbound (DNS Resolver software) on CentOS Linux release 7.5.1804 (Core). I have 2 VMs in different environments that are supposedly running the same Unbound software. [root@vm1 ~]# rpm -qa | grep…
Subzero123
  • 31
  • 1
  • 3
0
votes
1 answer

Setup Unbound DNS for both caching/local usage and website ns

I want to use Unbound as caching and as my ns1.domain.com nameserver with DNSSEC. I came across Unbind which looks quite easy to setup and use. unbound-control local_data "mywebsite.com A 11.22.3.44" I created a NS entry at my registry for my domain…
Jeremy Dicaire
  • 165
  • 1
  • 5
  • 15
0
votes
0 answers

Restrict DNS usage to some clients

I firstly asked the question here: https://networkengineering.stackexchange.com/questions/33948/restrict-dns-usage-to-some-clients I would like to create a unbound DNS server. I don't have the IP addresses of the users. What are some other easy…
4m1nh4j1
  • 167
  • 1
  • 2
  • 8
0
votes
2 answers

Public pfSense don't resolve external DNS lookups

I have pfSense with external IP with Unbound DNS Resolver running on it. When I send inquiry from internal network, it replies, but when I send inquiry from external machine it doesn't reply. Internal: nslookup mydomain.com…
Vladimir
  • 123
  • 1
  • 1
  • 3
0
votes
1 answer

DNS lookup to localhost gives network error

I am running a recursive DNS server on Unbound in a jail on FreeBSD with pf as a firewall. Running drill @xxx.xxx.xxx.xxx example.com (where xxx.xxx.xxx.xxx is the servers IP) on my local machine yields me with a successful lookup. However, if I try…
Draon con Color
  • 29
  • 1
  • 4
1 2
3
4 5