Setup Unbound DNS cache & resolver on Debian Buster

Last updated on Sunday, 15 September 2024 1 min read Technology

sudo apt install unbound

sudo tee -a /etc/unbound/unbound.conf << EOF > /dev/null

server:
interface: 127.0.0.1
interface: ::1
access-control: 127.0.0.0/8 allow
access-control: ::1/128 allow

# enable remote-control (useful when utilising monitoring tools such as netdata)
remote-control:
    control-enable: yes
EOF

sudo systemctl restart unbound

sudo apt install resolvconf

sudo nano /etc/network/interfaces

change nameservers to 127.0.0.1 for IPv4 & ::1 for IPv6

sudo resolvconf -u

check:

sudo apt install dnsutils
dig pieterhollander.nl
nslookup pieterhollander.nl # Server: 127.0.0.1

I was also using this unbound instance to provide a DNS resolver to VMs attached to a bridge interface. Unfortunately, the interface wouldn’t be up before unbound would try to start. This was resolved by adding a ExecStartPre directive to Unbound’s Systemd service file:

sudo systemctl edit unbound

Add the following lines to the ### Anything between here and the comment below will become the new contents of the file section.

[Service]
ExecStartPre=/usr/lib/systemd/systemd-networkd-wait-online --interface=br0 --timeout=120

debian unbound dns

Setup Unbound DNS cache & resolver on Debian Buster

Pieter Hollander