Rabu, 02 Juli 2014

Unbound --dokumentasi pribadi-

DNS Unbound adalah alternatif DNS resolver dan juga DNS server, konon Unbound lebih aman dan lebih cepat dalam melakukan resolving ke domain atau juga dalam melakukan query...
*INSTALL PAKET*

# apt-get install build-essential libssl-dev
# apt-get install unbound
# cd /etc/unbound
# wget ftp://ftp.internic.net/domain/named.cache
# unbound-control-setup
# groupadd unbound
# useradd -d /var/unbound -m -g unbound -s /bin/false unbound


Sesuaikan config /etc/unbound/unbound.conf; servis DNS lainnya (bind/dnsmasq dll.) harus di-stop agar tidak bentrok.

# chown unbound:root unbound_*
# chmod 440 unbound_*


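Buka unbound.conf lalu salin konfigurasi di bawah ini. Sesuaikan dulu interface dan access-control dengan jaringan sendiri, supaya resolver hanya melayani klien lokal dan tidak terbuka untuk seluruh internet.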
 
# nano /etc/unbound/unbound.conf


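# /etc/unbound/unbound.conf
# Caching resolver for a small LAN: answers two local zones itself and
# forwards everything else to upstream resolvers.
server:
    # Logging and statistics.
    verbosity: 1
    statistics-interval: 120
    statistics-cumulative: yes
    num-threads: 1

    # Listens on every IPv4 address of the host. Who may actually query is
    # decided by the access-control lines further down.
    interface: 0.0.0.0

    # Query and cache sizing.
    outgoing-range: 512
    num-queries-per-thread: 1024
    msg-cache-size: 64m
    rrset-cache-size: 32m
    msg-cache-slabs: 4
    rrset-cache-slabs: 4
    cache-max-ttl: 86400
    infra-host-ttl: 60
    infra-lame-ttl: 120
    infra-cache-numhosts: 10000
    infra-cache-lame-size: 10k

    # Transports.
    do-ip4: yes
    do-ip6: no
    do-udp: yes
    do-tcp: yes
    do-daemonize: yes

    # Recursion is refused by default and allowed only for localhost and the
    # LAN ranges that appear elsewhere on this page (30.30.30.0/24 on eth0,
    # 192.168.3.0/24 in the local zone). The original single line
    # "access-control: 0.0.0.0/0 allow", combined with interface 0.0.0.0,
    # makes the host an open resolver that anyone can use for DNS
    # amplification. Adjust the ranges to your own network.
    access-control: 0.0.0.0/0 refuse
    access-control: 127.0.0.0/8 allow
    access-control: 30.30.30.0/24 allow
    access-control: 192.168.3.0/24 allow

    # Privilege drop and chroot: the daemon runs as user "unbound" and is
    # confined to /etc/unbound.
    chroot: "/etc/unbound"
    username: "unbound"
    directory: "/etc/unbound"
    # NOTE(review): with an empty logfile and use-syslog: no, log output is
    # presumably not kept anywhere once the daemon detaches; set a logfile
    # or enable syslog if query/error logs are needed.
    logfile: ""
    use-syslog: no
    #pidfile: "/etc/unbound/unbound.pid"
    #pidfile: "/var/run/unbound.pid"
    # Root hints are not needed while the forward-zone for "." below is
    # active, which is why this line stays commented out.
    #root-hints: "/etc/unbound/named.cache"
    #auto-trust-anchor-file: "/var/lib/unbound/root.key"
    auto-trust-anchor-file: "/etc/unbound/root.key"

    # Do not disclose server identity or version to clients.
    identity: "DNS"
    version: "1.4"
    hide-identity: yes
    hide-version: yes
    harden-glue: yes

    do-not-query-address: 127.0.0.1/8
    do-not-query-localhost: yes
    # NOTE(review): only the iterator module is loaded, so DNSSEC validation
    # is off and the trust anchor configured above is not used. Validation
    # needs module-config: "validator iterator"; before switching, confirm
    # that /etc/unbound/root.key exists and that the forwarders below return
    # DNSSEC records.
    module-config: "iterator"

    #zone localhost
    local-zone: "localhost." static
    local-data: "localhost. 10800 IN NS localhost."
    local-data: "localhost. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800"
    local-data: "localhost. 10800 IN A 127.0.0.1"
    local-zone: "127.in-addr.arpa." static
    local-data: "127.in-addr.arpa. 10800 IN NS localhost."
    local-data: "127.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 2 3600 1200 604800 10800"
    local-data: "1.0.0.127.in-addr.arpa. 10800 IN PTR localhost."

    #zone warnetku.net
    # Each local-data record must sit on one line inside its quotes; the
    # records below were re-joined after being split across lines.
    local-zone: "warnetku.net." static
    local-data: "warnetku.net. 86400 IN NS ns1.warnetku.net."
    local-data: "warnetku.net. 86400 IN SOA warnetku.net. hostmaster.warnetku.net. 3 3600 1200 604800 86400"
    local-data: "warnetku.net. 86400 IN A 192.168.3.50"
    local-data: "www.warnetku.net. 86400 IN A 192.168.3.50"
    local-data: "ns1.warnetku.net. 86400 IN A 192.168.3.50"
    local-zone: "3.168.192.in-addr.arpa." static
    local-data: "3.168.192.in-addr.arpa. 10800 IN NS warnetku.net."
    local-data: "3.168.192.in-addr.arpa. 10800 IN SOA warnetku.net. hostmaster.warnetku.net. 4 3600 1200 604800 864000"
    # PTR target set to warnetku.net. so the reverse lookup agrees with the
    # forward zone above (the original pointed at iwinduarta.net.).
    local-data: "50.3.168.192.in-addr.arpa. 10800 IN PTR warnetku.net."

# Everything outside the local zones is sent to these upstream resolvers.
# Forwarded queries travel in clear text and, without the validator module,
# the answers are not DNSSEC-checked.
forward-zone:
    name: "."
    #forward-addr: 30.30.30.30
    forward-addr: 202.134.0.155
    forward-addr: 202.134.0.61
    forward-addr: 203.130.193.74
    forward-addr: 203.130.196.155
    forward-addr: 202.134.1.5
    forward-addr: 203.130.208.18
    forward-addr: 8.8.8.8
    forward-addr: 8.8.4.4

# unbound-control channel: bound to loopback only and authenticated with
# the key/certificate pairs generated by unbound-control-setup. Keep the
# key files readable only by the unbound user and root.
remote-control:
    control-enable: yes
    control-interface: 127.0.0.1
    control-port: 953
    server-key-file: "/etc/unbound/unbound_server.key"
    server-cert-file: "/etc/unbound/unbound_server.pem"
    control-key-file: "/etc/unbound/unbound_control.key"
    control-cert-file: "/etc/unbound/unbound_control.pem"
# End DNS Conf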


setting ubuntu agar mengunakan DNS unbound :
edit file di /etc/resolv.conf :
# nano /etc/resolv.conf
tuliskan :
nameserver 127.0.0.1


edit file /etc/network/interfaces :
# nano /etc/network/interfaces
iface eth0 inet static
address 30.30.30.67
netmask 255.255.255.0
network 30.30.30.0
broadcast 30.30.30.255
gateway 30.30.30.30
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 127.0.0.1


reboot cpu, kemudian tes dengan :
# /etc/init.d/unbound restart
Jika ada error atau bentrok dengan bind, nonaktifkan dulu bind dll., atau sekalian dihapus saja.




# nslookup 192.168.3.50
Server: 127.0.0.1
Address: 127.0.0.1#53
50.3.168.192.in-addr.arpa name = warnetku.net




# nslookup warnetku.net
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: warnetku.net
Address: 192.168.3.50

#unbound-control stats
thread0.num.queries=38
thread0.num.cachehits=7
thread0.num.cachemiss=31
thread0.num.recursivereplies=31
thread0.requestlist.avg=0.129032
thread0.requestlist.max=1
thread0.requestlist.overwritten=0
thread0.requestlist.exceeded=0
thread0.requestlist.current.all=0
thread0.requestlist.current.user=0
thread0.recursion.time.avg=0.088811
thread0.recursion.time.median=0.0185685
thread1.num.queries=10
thread1.num.cachehits=1
thread1.num.cachemiss=9
thread1.num.recursivereplies=9
thread1.requestlist.avg=0
thread1.requestlist.max=0
thread1.requestlist.overwritten=0
thread1.requestlist.exceeded=0
thread1.requestlist.current.all=0
thread1.requestlist.current.user=0
thread1.recursion.time.avg=0.049576
thread1.recursion.time.median=0.016384
total.num.queries=48
total.num.cachehits=8
total.num.cachemiss=40
total.num.recursivereplies=40
total.requestlist.avg=0.1
total.requestlist.max=1
total.requestlist.overwritten=0
total.requestlist.exceeded=0
total.requestlist.current.all=0
total.requestlist.current.user=0
total.recursion.time.avg=0.079984
total.recursion.time.median=0.0174763
time.now=1281681396.583885
time.up=7299.491047
time.elapsed=4177.655650

