Posted by: sutrisno | November 5, 2014

Install Unbound on Ubuntu 14.04

Unbound adalah DNS seperti BIND,,,tujuan pemasangan DNS local yaitu resol internetnya lebih cepat, misalnya akses detik time request yang sebelumnya 25sec setelah melalui DNS local menjadi 2sec

Screenshot - 11052014 - 01:10:12 PM

Berikut install dan konfigurasi

Installing Unbound

Login to your ubuntu server using ssh. before installing unbound, make sure your package repositories and installed programs are up to date.

sudo apt-get update

install unbound:

sudo apt-get install unbound
Configure Unbound

Unbound configuration file will be located at /etc/unbound/unbound.conf.

Login as root, Enter to directory /etc/unbound

sudo -i
cd /etc/unbound
Download the latest root DNS hints file from ftp://ftp.internic.net/domain/named.cache

wget ftp://ftp.internic.net/domain/named.cache
Run unbound-control-setup to generate the necessary TLS key files

unbound-control-setup
Change owner all file unbound_* in the directory /etc/unbound to (unbound:root = user unbound : group root)

chown unbound:root unbound_*
Change permissions all file unbound_* to 440

chmod 440 unbound_*
Backup old unbound configuration with following command

mv /etc/unbound/unbound.conf /etc/unbound/unbound.conf.default

cat > /etc/unbound/unbound.conf < DNS Google
forward-addr: 8.8.4.4
forward-addr: 208.67.222.222
forward-addr: 208.67.220.220
remote-control:
control-enable: yes
control-interface: 127.0.0.1
control-interface: 192.168.42.1
control-port: 953
server-key-file: “/etc/unbound/unbound_server.key”
server-cert-file: “/etc/unbound/unbound_server.pem”
control-key-file: “/etc/unbound/unbound_control.key”
control-cert-file: “/etc/unbound/unbound_control.pem”
EOF

unbound-checkconf /etc/unbound/unbound.conf

Check unbound configuration with following command:

unbound-checkconf /etc/unbound/unbound.conf
Restart unbound service
service unbound restart
When you restart unbound and get an error messege like this:

* Restarting recursive DNS server unbound
[1351477671] unbound[20492:0] error: bind: address already in use
[1351477671] unbound[20492:0] fatal error: could not open ports
You need stop dnsmasq service.

service dnsmasq stop
If you have installed squid proxy server on your machine, add this option on squid file configuration. then restart squid server.

dns_nameservers 127.0.0.1 192.168.42.1

service squid3 restart
use this command to check unbound performance:

unbound-control stats

Source : http://ubuntuserverguide.com/2012/10/how-to-installing-and-configure-unbound-on-ubuntu-server-12-04.html

Posted in Blogroll, Migrasi

«
»

Leave a comment

Categories