source: server/other/unbound.xml@ 1b472ab

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 7.10 7.5 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gnome kde5-13430 kde5-14269 kde5-14686 kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts krejzi/svn lazarus lxqt nosym perl-modules plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition systemd-11177 systemd-13485 trunk upgradedb xry111/intltool xry111/llvm18 xry111/soup3 xry111/test-20220226 xry111/xf86-video-removal
Last change on this file since 1b472ab was 1b472ab, checked in by Igor Živković <igor@…>, 11 years ago

update to unbound-1.4.21

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@11858 af4574ff-66df-0310-9fd7-8a98e5e911e0
  • Property mode set to 100644
File size: 10.9 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY unbound-download-http "http://www.unbound.net/downloads/unbound-&unbound-version;.tar.gz">
8 <!ENTITY unbound-download-ftp " ">
9 <!ENTITY unbound-md5sum "0aa8db06ea784bf7879060bd1f6551c8">
10 <!ENTITY unbound-size "3.5 MB">
11 <!ENTITY unbound-buildsize "41 MB">
12 <!ENTITY unbound-time "0.6 SBU">
13]>
14
15<sect1 id="unbound" xreflabel="Unbound-&unbound-version;">
16 <?dbhtml filename="unbound.html"?>
17
18 <sect1info>
19 <othername>$LastChangedBy: igor $</othername>
20 <date>$Date: 2013-07-21 21:06:50 +0200 (Sun, 21 Jul 2013) $</date>
21 </sect1info>
22
23 <title>Unbound-&unbound-version;</title>
24
25 <indexterm zone="unbound">
26 <primary sortas="a-Unbound">Unbound</primary>
27 </indexterm>
28
29 <sect2 role="package">
30 <title>Introduction to Unbound</title>
31
32 <para>
33 <application>Unbound</application> is a validating, recursive, and caching
34 DNS resolver. It is designed as a set of modular components that
35 incorporate modern features, such as enhanced security (DNSSEC)
36 validation, Internet Protocol Version 6 (IPv6), and a client resolver
37 library API as an integral part of the architecture.
38 </para>
39
40 &lfs74_checked;
41
42 <bridgehead renderas="sect3">Package Information</bridgehead>
43 <itemizedlist spacing="compact">
44 <listitem>
45 <para>
46 Download (HTTP): <ulink url="&unbound-download-http;"/>
47 </para>
48 </listitem>
49 <listitem>
50 <para>
51 Download (FTP): <ulink url="&unbound-download-ftp;"/>
52 </para>
53 </listitem>
54 <listitem>
55 <para>
56 Download MD5 sum: &unbound-md5sum;
57 </para>
58 </listitem>
59 <listitem>
60 <para>
61 Download size: &unbound-size;
62 </para>
63 </listitem>
64 <listitem>
65 <para>
66 Estimated disk space required: &unbound-buildsize;
67 </para>
68 </listitem>
69 <listitem>
70 <para>
71 Estimated build time: &unbound-time;
72 </para>
73 </listitem>
74 </itemizedlist>
75
76 <bridgehead renderas="sect3">Unbound Dependencies</bridgehead>
77
78 <bridgehead renderas="sect4">Required</bridgehead>
79 <para role="required">
80 <xref linkend="expat"/>,
81 <xref linkend="ldns"/>, and
82 <xref linkend="openssl"/>
83<!-- broken?
84 or <xref linkend="nss"/>
85-->
86 </para>
87
88 <bridgehead renderas="sect4">Optional</bridgehead>
89 <para role="optional">
90 <xref linkend="libevent"/>,
91 <xref linkend="python2"/>,
92 <ulink url="http://www.swig.org/">SWIG</ulink> (for Python bindings), and
93 <xref linkend="doxygen"/> (for html documentation)
94 </para>
95
96 <para condition="html" role="usernotes">User Notes:
97 <ulink url="&blfs-wiki;/unbound"/>
98 </para>
99 </sect2>
100
101 <sect2 role="installation">
102 <title>Installation of Unbound</title>
103
104 <para>
105 There should be a dedicated user and group to take control of the
106 <command>unbound</command> daemon after it is started. Issue the following
107 commands as the <systemitem class="username">root</systemitem> user:
108 </para>
109
110<screen role="root"><userinput>groupadd -g 88 unbound &amp;&amp;
111useradd -c "Unbound DNS resolver" -d /var/lib/unbound -u 88 \
112 -g unbound -s /bin/false unbound</userinput></screen>
113
114 <para>
115 Install <application>Unbound</application> by running the following
116 commands:
117 </para>
118
119<screen><userinput>./configure --prefix=/usr \
120 --sysconfdir=/etc \
121 --disable-static \
122 --with-pidfile=/run/unbound.pid &amp;&amp;
123make</userinput></screen>
124
125 <para>
126 If you have <xref linkend="doxygen"/> package installed and want to build
127 html documentation, run the following command:
128 </para>
129
130<screen><userinput>make doc</userinput></screen>
131
132 <para>To test the results, issue <command>make check</command>.</para>
133
134 <para>
135 Now, as the <systemitem class="username">root</systemitem> user:
136 </para>
137
138<screen role="root"><userinput>make install &amp;&amp;
139mv -v /usr/sbin/unbound-host /usr/bin/</userinput></screen>
140
141 <para>
142 If you built html documentation, install it by running the following
143 commands as the <systemitem class="username">root</systemitem> user:
144 </para>
145
146<screen role="root"><userinput>install -v -m755 -d /usr/share/doc/unbound-&unbound-version; &amp;&amp;
147install -v -m644 doc/html/* /usr/share/doc/unbound-&unbound-version;</userinput></screen>
148
149 </sect2>
150
151 <sect2 role="commands">
152 <title>Command Explanations</title>
153
154 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
155 href="../../xincludes/static-libraries.xml"/>
156
157 <para>
158 <option>--with-libevent</option>: This option enables libevent support
159 allowing use of large outgoing port ranges.
160 </para>
161
162 <para>
163 <option>--with-pyunbound</option>: This option enables building of the Python
164 bindings.
165 </para>
166
167 </sect2>
168
169 <sect2 role="configuration">
170 <title>Configuring Unbound</title>
171
172 <sect3 id="unbound-config">
173 <title>Config Files</title>
174
175 <para><filename>/etc/unbound/unbound.conf</filename></para>
176
177 <indexterm zone="unbound unbound-config">
178 <primary sortas="e-etc-unbound-unbound.conf">/etc/unbound/unbound.conf</primary>
179 </indexterm>
180
181 </sect3>
182
183 <sect3>
184 <title>Configuration Information</title>
185
186 <para>
187 In the default configuration, <command>unbound</command> will bind to
188 localhost (127.0.0.1 IP address) and allow recursive queries only from
189 localhost clients. If you want to use <command>unbound</command> for
190 local DNS resolution, run the following command as the
191 <systemitem class="username">root</systemitem> user:
192 </para>
193
194<screen role="root"><userinput>echo "nameserver 127.0.0.1" > /etc/resolv.conf</userinput></screen>
195
196 <para>
197 If you are using a DHCP client for connecting to a network,
198 <filename>/etc/resolv.conf</filename> gets overwritten with values
199 provided by DHCP server. You can override this, for example in
200 <xref linkend="dhcp"/>, by running the following command:
201 </para>
202
203<screen role="root"><userinput>sed -i '/request /i\supersede domain-name-servers 127.0.0.1;' \
204 /etc/dhcp/dhclient.conf</userinput></screen>
205
206 <para>
207 For advanced configuration see <filename>/etc/unbound/unbound.conf</filename>
208 file and the documentation.
209 </para>
210
211 </sect3>
212
213 <sect3 id="unbound-init">
214 <title>Boot Script</title>
215
216 <para>If you want the <application>Unbound</application> server to
217 start automatically when the system is booted, install the
218 <filename>/etc/rc.d/init.d/unbound</filename> init script included
219 in the <xref linkend="bootscripts"/> package.</para>
220
221 <indexterm zone="unbound unbound-init">
222 <primary sortas="f-unbound">unbound</primary>
223 </indexterm>
224
225<screen role="root"><userinput>make install-unbound</userinput></screen>
226
227 </sect3>
228
229 </sect2>
230
231 <sect2 role="content">
232 <title>Contents</title>
233
234 <segmentedlist>
235 <segtitle>Installed Programs</segtitle>
236 <segtitle>Installed Library</segtitle>
237 <segtitle>Installed Directories</segtitle>
238
239 <seglistitem>
240 <seg>
241 unbound, unbound-anchor, unbound-checkconf, unbound-control,
242 unbound-control-setup, and unbound-host
243 </seg>
244 <seg>
245 libunbound.so
246 </seg>
247 <seg>
248 /etc/unbound and /usr/share/doc/unbound-&unbound-version;
249 </seg>
250 </seglistitem>
251 </segmentedlist>
252
253 <variablelist>
254 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
255 <?dbfo list-presentation="list"?>
256 <?dbhtml list-presentation="table"?>
257
258 <varlistentry id="unbound-prog">
259 <term><command>unbound</command></term>
260 <listitem>
261 <para>
262 is a DNS resolver daemon.
263 </para>
264 <indexterm zone="unbound unbound-prog">
265 <primary sortas="b-unbound">unbound</primary>
266 </indexterm>
267 </listitem>
268 </varlistentry>
269
270 <varlistentry id="unbound-anchor">
271 <term><command>unbound-anchor</command></term>
272 <listitem>
273 <para>
274 performs setup or update of the root trust anchor for DNSSEC
275 validation.
276 </para>
277 <indexterm zone="unbound unbound-anchor">
278 <primary sortas="b-unbound-anchor">unbound-anchor</primary>
279 </indexterm>
280 </listitem>
281 </varlistentry>
282
283 <varlistentry id="unbound-checkconf">
284 <term><command>unbound-checkconf</command></term>
285 <listitem>
286 <para>
287 checks <command>unbound</command> configuration file for syntax
288 and other errors.
289 </para>
290 <indexterm zone="unbound unbound-checkconf">
291 <primary sortas="b-unbound-checkconf">unbound-checkconf</primary>
292 </indexterm>
293 </listitem>
294 </varlistentry>
295
296 <varlistentry id="unbound-control">
297 <term><command>unbound-control</command></term>
298 <listitem>
299 <para>
300 performs remote administration on the <command>unbound</command> DNS
301 resolver.
302 </para>
303 <indexterm zone="unbound unbound-control">
304 <primary sortas="b-unbound-control">unbound-control</primary>
305 </indexterm>
306 </listitem>
307 </varlistentry>
308
309 <varlistentry id="unbound-control-setup">
310 <term><command>unbound-control-setup</command></term>
311 <listitem>
312 <para>
313 generates self-signed certificate and private keys for the server
314 and client.
315 </para>
316 <indexterm zone="unbound unbound-control-setup">
317 <primary sortas="b-unbound-control-setup">unbound-control-setup</primary>
318 </indexterm>
319 </listitem>
320 </varlistentry>
321
322 <varlistentry id="unbound-host">
323 <term><command>unbound-host</command></term>
324 <listitem>
325 <para>
326 is a DNS lookup utility similar to <command>host</command> from
327 <xref linkend="bind-utils"/>.
328 </para>
329 <indexterm zone="unbound unbound-host">
330 <primary sortas="b-unbound-host">unbound-host</primary>
331 </indexterm>
332 </listitem>
333 </varlistentry>
334
335 <varlistentry id="libunbound">
336 <term><filename class="libraryfile">libunbound.so</filename></term>
337 <listitem>
338 <para>
339 provides the <application>Unbound</application> API functions to
340 programs.
341 </para>
342 <indexterm zone="unbound libunbound">
343 <primary sortas="c-libunbound">libunbound.so</primary>
344 </indexterm>
345 </listitem>
346 </varlistentry>
347
348 </variablelist>
349
350 </sect2>
351
352</sect1>
Note: See TracBrowser for help on using the repository browser.