Jack Wallen shows you how to install the Unbound DNS resolver to help speed up DNS resolving on either your Linux desktop or server instances.
Unbound is a free and open-source recursive and validating DNS caching server, which uses DNS-over-TLS and DNS-over-HTTPS to encrypt connections. Unbound is much faster than Bind9 and can help to reduce the loading time of web pages and other calls that require DNS resolution. Unbound also supports DNSSEC validation, so it can serve as a trust anchor on your network.
I want to show you how to install Unbound on Ubuntu 22.04. This can be installed on either Ubuntu Server or Desktop and you’ll gain significant DNS resolving speed over the default.
SEE: 40+ open source and Linux terms you need to know (TechRepublic Premium)
What you’ll need
The only things you’ll need for this are a running instance of Ubuntu – though it can also be installed on RHEL-based distributions – and a user with sudo privileges. That’s it: Let’s get that DNS resolving speed up.
How to install Unbound
Fortunately, Unbound is found in the default repositories, so to install it log into your Ubuntu machine and issue the command:
sudo apt-get install unbound -y
If you’re working on an RHEL-based distribution, that installation would be:
sudo dnf install unbound -y
How to configure Unbound
Once Unbound is installed, we need to create a new configuration file. Create that file with the command:
nano /etc/unbound/unbound.conf.d/myunbound.conf
In that file, paste the following:
server:
port: 53
verbosity: 0
num-threads: 2
outgoing-range: 512
num-queries-per-thread: 1024
msg-cache-size: 32m
interface: 0.0.0.0
rrset-cache-size: 64m
cache-max-ttl: 86400
infra-host-ttl: 60
infra-lame-ttl: 120
access-control: 127.0.0.0/8 allow
access-control: 0.0.0.0/0 allow
username: unbound
directory: "/etc/unbound"
logfile: "/var/log/unbound.log"
use-syslog: no
hide-version: yes
so-rcvbuf: 4m
so-sndbuf: 4m
do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
remote-control:
control-enable: yes
control-port: 953
control-interface: 0.0.0.0
You can edit the above configuration, but know that it should work as-is. Save and close the file.
Next, we need to create a log file for Unbound with the command:
sudo touch /var/log/unbound.log
Give the log file the proper permissions with:
sudo chown unbound:unbound /var/log/unbound.log
Finally, start the Unbound service with:
sudo systemctl enable --now unbound
How to test Unbound
Immediately after starting the service, issue the command:
dig google.com @localhost
You should see output similar to this:
; <<>> DiG 9.18.1-1ubuntu1.1-Ubuntu <<>> google.com @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56042
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 300 IN A 142.251.111.138
google.com. 300 IN A 142.251.111.113
google.com. 300 IN A 142.251.111.101
google.com. 300 IN A 142.251.111.100
google.com. 300 IN A 142.251.111.102
google.com. 300 IN A 142.251.111.139
;; Query time: 108 msec
;; SERVER: 127.0.0.1#53(localhost) (UDP)
;; WHEN: Thu Jun 16 13:30:12 UTC 2022
;; MSG SIZE rcvd: 135
Notice the Query time of 108 msec. That’s pretty fast. However, let’s run the command again:
dig google.com @localhost
Your query time should be considerably less. I received a query time of 4 msec on the second attempt and zero on the third.
Congratulations, your DNS queries are now faster thanks to the open-source Unbound DNS resolver. You could even use that server as your LAN-based DNS server should you choose.
Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.
Source of Article