In this post I am seeking guidance on two points.
1) Do I even require Unbound for local DNS resolution given my DNS set-up?
2) How do I install and configure Unbound?
In a separate post I am seeking guidance on how to configure my DNS set-up, Ubuntu 10.4, NSD, GoDaddy, twisted4life.com. If you have any knowledge of or interest in this configuration, please visit the above link.
http://www.linode.com/forums/viewtopic.php?t=5938&start=0&postdays=0&postorder=asc&highlight=
Given my desired DNS set-up, do I require Unbound for local DNS resolution?
NSD only offers authoritative DNS with no recursion, while Unbound provides recursive DNS resolution and caching services. It is supposedly ideal for deployments that require only a simple resolving service, which is what I think is all I require.
Unfortunately I have not found Unbound's promise of easy installation and configuration to be true. Here is the Linode tutorial for Unbound:
http://library.linode.com/networking/dns-guides/unbound-dns-resolver-ubuntu-10.04-lucid
After installing Unbound, I restarted Unbound.
Code:
/etc/init.d/unbound restart
The following appeared on the screen:
Code:
* Restarting recursive DNS server unbound
[1282644471] unbound[1951:0] error: bind: address already in use
[1282644471] unbound[1951:0] fatal error: could not open ports
...fail!
At this point I am not sure if this is something related to the Unbound configuration, or something more fundamental. Have you any ideas?
I proceeded forward.
(1) Configure the Unbound interfaces link. Here follows my current state of unbound.conf.
File excerpt: /etc/unbound/unbound.conf
Code:
server:
interface: [Linode IP address]
Possible interfaces include the public interface or the private networking interface. I believe the Linode IP address represents the public interface. I am not sure I even have a private network address in my basic configuration. Do I? Is this configuration for unbound acceptable?
(2) Control access to your Unbound instance link.
Unbound must be configured to listen for requests on a given interface, and be configured to allow requests from a given IP address before it can successfully provide DNS services.
Insert lines into the unbound.conf file, following the server: directive. Referring to my first link to my other post, note the following: 202.157.182.142 is my secondary nameserver, ns1.twisted4life.com, and 74.207.241.5 is my primary nameserver, ns1.linode.com.
Here is the current state of my file.
File excerpt: /etc/unbound/unbound.conf
Code:
server:
access-control: 202.157.182.142/32 allow
access-control: 74.207.241.5/32 allow
Unfortunately restarting Unbound produced the same two errors as before.
The following appeared on the screen:
Code:
* Restarting recursive DNS server unbound
[1282644471] unbound[1951:0] error: bind: address already in use
[1282644471] unbound[1951:0] fatal error: could not open ports
...fail!
(3) Finally configure your system to resolve DNS using your Unbound instance link.
Before you can begin using your Unbound instance to resolve DNS queries, you need to configure your /etc/resolv.conf file to point to the new resolver.
To do this you can remove all existing lines from this file or comment them by prepending hash marks (e.g. #) to every line. Because the above does not seem to be working, I have left my file as is.
While it is inconsistent with my use of the twisted4life secondary nameserver, it currently looks like this:
Code:
nameserver 74.207.241.5
nameserver 74.207.242.5
domain members.linode.com
search members.linode.com
Assuming I will be accessing the Unbound instance over the local interface, I should edit /etc/resolv.conf to resembles the following:
File: /etc/resolv.conf
Code:
nameserver 127.0.0.1
Any feedback or guidance would be greatly appreciated.
Thanks.
FAQ
Search
Members
Register
Login [ Anonymous ]
