Unbound is a validating, recursive, and caching DNS resolver designed for high performance and security. It supports DNSSEC validation out of the box and is commonly used as a local DNS server for privacy, speed, and security improvements over ISP-provided DNS.
📑 Table of Contents
Key Features
- DNSSEC Validation – Built-in security validation
- Privacy Features – DNS over TLS/HTTPS support
- High Performance – Efficient caching and prefetching
- Lightweight – Low resource consumption
Installation
sudo apt install unbound # Debian/Ubuntu
sudo dnf install unbound # Fedora/RHEL
# Download root hints
sudo wget -O /var/lib/unbound/root.hints https://www.internic.net/domain/named.rootBasic Configuration
# /etc/unbound/unbound.conf
server:
interface: 127.0.0.1
access-control: 127.0.0.0/8 allow
do-ip6: no
prefetch: yes
cache-min-ttl: 300
# Start service
sudo systemctl enable --now unboundWas this article helpful?