Scribd
Upload
35 views

Domain Name Resolving

This document provides instructions for configuring domain name resolving using the Unbound resolver on a router. It describes downloading root hint files, editing the Unbound configuration file to set the root hints file, allow private addresses for local domains, and configure local zones to resolve locally or forward to another DNS server for domains like the local network.

Uploaded by

list_course
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
35 views

Domain Name Resolving

This document provides instructions for configuring domain name resolving using the Unbound resolver on a router. It describes downloading root hint files, editing the Unbound configuration file to set the root hints file, allow private addresses for local domains, and configure local zones to resolve locally or forward to another DNS server for domains like the local network.

Uploaded by

list_course
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Domain Name Resolving — Roll Your Own Network https://roll.urown.net/router/unbound.

html
Docs » Router » Domain Name Resolving

 Previous Next 

Domain Name Resolving

Installation

$ opkg update
$ opkg install unbound

Configuration

$ cd /etc/unbund
$ wget -O ICANN.cache ftp://FTP.INTERNIC.NET/domain/named.cache
$ wget -O ORSN.cache http://www.orsn.org/roothint/root-hint.txt
$ wget http://ftp.isc.org/www/dlv/dlv.isc.org.key

Edit /etc/unbound/unbound.conf :

1 of 3 8/6/19, 8:32 PM
Domain Name
... Resolving — Roll Your Own Network https://roll.urown.net/router/unbound.html

# file to read root hints from.


# get one from ftp://FTP.INTERNIC.NET/domain/named.cache
# root-hints: ""
#root-hints: "/etc/unbound/named.cache"
root-hints: "/etc/unbound/ORSN.cache"

...

# Allow the domain (and its subdomains) to contain private addresses.


# local-data statements are allowed to contain private addresses too.
# private-domain: "example.net"
private-domain: "lan"

...

# if yes, the above default do-not-query-address entries are present.


# if no, localhost can be queried (for testing and debugging).
# do-not-query-localhost: yes
do-not-query-localhost: no

...

# File with DLV trusted keys. Same format as trust-anchor-file.


# There can be only one DLV configured, it is trusted from root down.
# Download http://ftp.isc.org/www/dlv/dlv.isc.org.key
dlv-anchor-file: "dlv.isc.org.key"

...

# Ignore chain of trust. Domain is treated as insecure.


# domain-insecure: "example.net"
domain-insecure: "lan."
domain-insecure: "168.192.in-addr.arpa."
...

# a number of locally served zones can be configured.


# local-zone: <zone> <type>
# local-data: "<resource record string>"
# o deny serves local data (if any), else, drops queries.
# o refuse serves local data (if any), else, replies with error.
# o static serves local data, else, nxdomain or nodata answer.
# o transparent gives local data, but resolves normally for other names
# o redirect serves the zone data for any subdomain in the zone.
# o nodefault can be used to normally resolve AS112 zones.
# o typetransparent resolves normally for other types and other names
#
# defaults are localhost address, reverse for 127.0.0.1 and ::1
# and nxdomain for AS112 zones. If you configure one of these zones
# the default content is omitted, or you can omit it with 'nodefault'.
#
# If you configure local-data without specifying local-zone, by
# default a transparent local-zone is created for the data.
#
# You can add locally served data with
# local-zone: "local." static
# local-data: "mycomputer.local. IN A 192.0.2.51"
# local-data: 'mytext.local TXT "content of text record"'
#
2 of 3 # You can override certain queries with 8/6/19, 8:32 PM
# local-data: "adserver.example.net A 127.0.0.1"
#
Domain Name Resolving — Roll Your Own Network https://roll.urown.net/router/unbound.html
# You can redirect a domain to a fixed address with
# (this makes example.net, www.example.net, etc, all go to 192.0.2.3)
# local-zone: "example.net" redirect
# local-data: "example.net A 192.0.2.3"
local-zone: "168.192.in-addr.arpa" nodefault

...

forward-zone:
name: "lan."
forward-addr: 127.0.0.1@5553

forward-zone:
name: "20.172.in-addr.arpa."
forward-addr: 127.0.0.1@5553

3 of 3 8/6/19, 8:32 PM

You might also like