Unbound builds Recursive dns 02/23 Update SLTechnology News&Howtos

Unbound builds Recursive dns

2025-02-23 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/02 Report--

Unbound has been added in addition to the original bind since the update of Red Hat 7.0. in fact, I personally think that unbound is much easier to use as a recursive dns than bind. I like to use unbound to test resolution, including filtering IPv6 domain names and other applications.

Because IPv6 is vigorously promoted by the state, and the current interconnection environment of IPv6 is still very poor, we can achieve this by filtering IPv6:

Use yum for installation:

[root@langqun ~] # vim / etc/unbound/unbound.conf

You can see that there is a lot of nonsense. I like to back up the original unbound.conf directly and keep only the following lines:

Server:

Port: 53

Do-ip4: yes

Do-ip6: yes

Private-address: / 0 (filter IPv6 query results)

Interface: 0.0.0.0 (server IP address, which need not be modified if there is only one interface)

Access-control: 0.0.0.0 allow 0 (limit which users to query)

Msg-cache-size: 4m

Rrset-cache-size: 4m

Cache-max-ttl: 3600

Cache-min-ttl: 300

Hide-identity: yes

Hide-version: yes

Prefetch: yes

Num-threads: 4

Do-not-query-localhost: no

# logfile: "/ var/log/unbound.log"

Forward-zone:

Name: "qpic.cn"

Forward-addr: 114.114.114.114

Here is my address information

If there is a virbr0 interface, port 53 may be monitored through the virbr0 interface, resulting in the failure of the unbound service to provide service. In this case, you need to delete the virtual interface:

Command to delete virtual interface:

Brctl show

Ifconfig virbr0 down

Brctl delbr virbr0

Systemctl stop libvirtd.service

Systemctl disable libvirtd.service

Yum remove libvirt-daemon

Reboot

Just enable the service:

[root@langqun unbound] # systemctl start unbound.service

Parse the qq test:

Because IPv6 filtering is configured, the client IPv6 results cannot be fed back:

The IPv6 result of qq can be parsed through 114.114.114.114:

This dns is a recursive dns, so the dns sent to users can build a dns. If you need to filter a domain name, you can directly forward the domain name to the dns.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.