Context Navigation

source: server/other/unbound.xml@ 286dd94

Visit:

12.1 ken/TL2024 ken/tuningfonts lazarus plabs/newcss python3.11 rahul/power-profiles-daemon renodr/vulkan-addition trunk xry111/llvm18

Last change on this file since 286dd94 was 286dd94, checked in by Bruce Dubbs <bdubbs@…>, 9 months ago
Update to unbound-1.18.0.
Property mode set to `100644`
File size: 11.7 KB

Line
1	<?xml version="1.0" encoding="ISO-8859-1"?>
2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4	<!ENTITY % general-entities SYSTEM "../../general.ent">
5	%general-entities;
6
7	<!ENTITY unbound-download-http "https://nlnetlabs.nl/downloads/unbound/unbound-&unbound-version;.tar.gz">
8	<!ENTITY unbound-download-ftp " ">
9	<!ENTITY unbound-md5sum "67d5bb4ce2a9d6e52d2bc4af982fb340">
10	<!ENTITY unbound-size "6.0 MB">
11	<!ENTITY unbound-buildsize "142 MB (with docs; add 11 MB for tests)">
12	<!ENTITY unbound-time "0.3 SBU (Using parallelism=4; with docs; add 0.4 SBU for tests)">
13	]>
14
15	<sect1 id="unbound" xreflabel="Unbound-&unbound-version;">
16	<?dbhtml filename="unbound.html"?>
17
18
19	<title>Unbound-&unbound-version;</title>
20
21	<indexterm zone="unbound">
22	<primary sortas="a-Unbound">Unbound</primary>
23	</indexterm>
24
25	<sect2 role="package">
26	<title>Introduction to Unbound</title>
27
28	<para>
29	<application>Unbound</application> is a validating, recursive, and caching
30	DNS resolver. It is designed as a set of modular components that
31	incorporate modern features, such as enhanced security (DNSSEC)
32	validation, Internet Protocol Version 6 (IPv6), and a client resolver
33	library API as an integral part of the architecture.
34	</para>
35
36	&lfs120_checked;
37
38	<bridgehead renderas="sect3">Package Information</bridgehead>
39	<itemizedlist spacing="compact">
40	<listitem>
41	<para>
42	Download (HTTP): <ulink url="&unbound-download-http;"/>
43	</para>
44	</listitem>
45	<listitem>
46	<para>
47	Download (FTP): <ulink url="&unbound-download-ftp;"/>
48	</para>
49	</listitem>
50	<listitem>
51	<para>
52	Download MD5 sum: &unbound-md5sum;
53	</para>
54	</listitem>
55	<listitem>
56	<para>
57	Download size: &unbound-size;
58	</para>
59	</listitem>
60	<listitem>
61	<para>
62	Estimated disk space required: &unbound-buildsize;
63	</para>
64	</listitem>
65	<listitem>
66	<para>
67	Estimated build time: &unbound-time;
68	</para>
69	</listitem>
70	</itemizedlist>
71
72	<bridgehead renderas="sect3">Unbound Dependencies</bridgehead>
73	<!--
74	<bridgehead renderas="sect4">Required</bridgehead>
75	<para role="required">
76	<xref linkend="openssl"/>
77	broken?
78	or <xref linkend="nss"/>
79	</para>
80	-->
81
82	<bridgehead renderas="sect4">Optional</bridgehead>
83	<para role="optional">
84	<xref linkend="libevent"/>,
85	<xref linkend="nettle"/>,
86	<xref linkend="python2"/>,
87	<xref linkend="sphinx"/> (for Python bindings documentation),
88	<xref linkend="swig"/> (for Python bindings),
89	<xref linkend="doxygen"/> (for html documentation), and
90	<ulink url="https://dnstap.info/">dnstap</ulink>
91	</para>
92
93	</sect2>
94
95	<sect2 role="installation">
96	<title>Installation of Unbound</title>
97
98	<para>
99	There should be a dedicated user and group to take control of the
100	<command>unbound</command> daemon after it is started. Issue the following
101	commands as the <systemitem class="username">root</systemitem> user:
102	</para>
103
104	<screen role="root"><userinput>groupadd -g 88 unbound &&
105	useradd -c "Unbound DNS Resolver" -d /var/lib/unbound -u 88 \
106	-g unbound -s /bin/false unbound</userinput></screen>
107
108	<para>
109	Install <application>Unbound</application> by running the following
110	commands:
111	</para>
112
113	<screen><userinput>./configure --prefix=/usr \
114	--sysconfdir=/etc \
115	--disable-static \
116	--with-pidfile=/run/unbound.pid &&
117	make</userinput></screen>
118
119	<para>
120	If you have <xref linkend="doxygen"/> package installed and want to build
121	html documentation, run the following command:
122	</para>
123
124	<screen remap="doc"><userinput>make doc</userinput></screen>
125
126	<para>
127	To test the results, issue <command>make check</command>.
128	</para>
129
130	<para>
131	Now, as the <systemitem class="username">root</systemitem> user:
132	</para>
133
134	<screen role="root"><userinput>make install &&
135	mv -v /usr/sbin/unbound-host /usr/bin/</userinput></screen>
136
137	<para>
138	If you built the documentation, install it by running the following
139	commands as the <systemitem class="username">root</systemitem> user:
140	</para>
141
142	<screen role="root"
143	remap="doc"><userinput>install -v -m755 -d /usr/share/doc/unbound-&unbound-version; &&
144	install -v -m644 doc/html/* /usr/share/doc/unbound-&unbound-version;</userinput></screen>
145
146	</sect2>
147
148	<sect2 role="commands">
149	<title>Command Explanations</title>
150
151	<xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
152	href="../../xincludes/static-libraries.xml"/>
153
154	<para>
155	<option>--with-libevent</option>: This option enables libevent support
156	allowing use of large outgoing port ranges.
157	</para>
158
159	<para>
160	<option>--with-pyunbound</option>: This option enables building of the Python
161	bindings.
162	</para>
163
164	</sect2>
165
166	<sect2 role="configuration">
167	<title>Configuring Unbound</title>
168
169	<sect3 id="unbound-config">
170	<title>Config Files</title>
171
172	<para>
173	<filename>/etc/unbound/unbound.conf</filename>
174	</para>
175
176	<indexterm zone="unbound unbound-config">
177	<primary sortas="e-etc-unbound-unbound.conf">/etc/unbound/unbound.conf</primary>
178	</indexterm>
179
180	</sect3>
181
182	<sect3>
183	<title>Configuration Information</title>
184
185	<para>
186	In the default configuration, <command>unbound</command> will bind to
187	localhost (127.0.0.1 IP address) and allow recursive queries only from
188	localhost clients. If you want to use <command>unbound</command> for
189	local DNS resolution, run the following command as the
190	<systemitem class="username">root</systemitem> user:
191	</para>
192
193	<screen role="root"><userinput>echo "nameserver 127.0.0.1" > /etc/resolv.conf</userinput></screen>
194
195	<para>
196	For advanced configuration see
197	<filename>/etc/unbound/unbound.conf</filename> file and the
198	documentation.
199	</para>
200
201	<para revision="sysv">
202	When <application>Unbound</application> is installed, some package
203	builds fail if the file <filename>/etc/unbound/root.key</filename> is
204	not found. This file is created by running the boot script (install
205	instructions below). Alternatively, it can be created by running the
206	following command as the <systemitem class="username">root</systemitem>
207	user:
208	</para>
209
210	<para revision="systemd">
211	When <application>Unbound</application> is installed, some package
212	builds fail if the file <filename>/etc/unbound/root.key</filename> is
213	not found. Create this file by running the following command as the
214	<systemitem class="username">root</systemitem> user:
215	</para>
216
217	<screen role="nodump"><userinput>unbound-anchor</userinput></screen>
218
219	</sect3>
220
221	<sect3 id="unbound-init">
222	<title><phrase revision="sysv">Boot Script</phrase>
223	<phrase revision="systemd">Systemd Unit</phrase></title>
224
225	<para>
226	If you want the <application>Unbound</application> server to
227	start automatically when the system is booted, install the
228	<phrase revision="sysv"><filename>/etc/rc.d/init.d/unbound</filename>
229	init script</phrase>
230	<phrase revision="systemd"><filename>unbound.service</filename>
231	unit</phrase> included
232	in the <xref linkend="bootscripts" revision="sysv"/>
233	<xref linkend="systemd-units" revision="systemd"/> package:
234	</para>
235
236	<indexterm zone="unbound unbound-init">
237	<primary sortas="f-unbound">unbound</primary>
238	</indexterm>
239
240	<screen role="root"><userinput>make install-unbound</userinput></screen>
241
242	</sect3>
243
244	</sect2>
245
246	<sect2 role="content">
247	<title>Contents</title>
248
249	<segmentedlist>
250	<segtitle>Installed Programs</segtitle>
251	<segtitle>Installed Library</segtitle>
252	<segtitle>Installed Directories</segtitle>
253
254	<seglistitem>
255	<seg>
256	unbound, unbound-anchor, unbound-checkconf, unbound-control,
257	unbound-control-setup, and unbound-host
258	</seg>
259	<seg>
260	libunbound.so and (optional)
261	/usr/lib/python&python2-majorver;/site-packages/_unbound.so
262	</seg>
263	<seg>
264	/etc/unbound and /usr/share/doc/unbound-&unbound-version; (optional)
265	</seg>
266	</seglistitem>
267	</segmentedlist>
268
269	<variablelist>
270	<bridgehead renderas="sect3">Short Descriptions</bridgehead>
271	<?dbfo list-presentation="list"?>
272	<?dbhtml list-presentation="table"?>
273
274	<varlistentry id="unbound-prog">
275	<term><command>unbound</command></term>
276	<listitem>
277	<para>
278	is a DNS resolver daemon
279	</para>
280	<indexterm zone="unbound unbound-prog">
281	<primary sortas="b-unbound">unbound</primary>
282	</indexterm>
283	</listitem>
284	</varlistentry>
285
286	<varlistentry id="unbound-anchor">
287	<term><command>unbound-anchor</command></term>
288	<listitem>
289	<para>
290	performs setup or update of the root trust anchor for DNSSEC
291	validation
292	</para>
293	<indexterm zone="unbound unbound-anchor">
294	<primary sortas="b-unbound-anchor">unbound-anchor</primary>
295	</indexterm>
296	</listitem>
297	</varlistentry>
298
299	<varlistentry id="unbound-checkconf">
300	<term><command>unbound-checkconf</command></term>
301	<listitem>
302	<para>
303	checks the <command>unbound</command> configuration file for syntax
304	and other errors
305	</para>
306	<indexterm zone="unbound unbound-checkconf">
307	<primary sortas="b-unbound-checkconf">unbound-checkconf</primary>
308	</indexterm>
309	</listitem>
310	</varlistentry>
311
312	<varlistentry id="unbound-control">
313	<term><command>unbound-control</command></term>
314	<listitem>
315	<para>
316	performs remote administration on the <command>unbound</command> DNS
317	resolver
318	</para>
319	<indexterm zone="unbound unbound-control">
320	<primary sortas="b-unbound-control">unbound-control</primary>
321	</indexterm>
322	</listitem>
323	</varlistentry>
324
325	<varlistentry id="unbound-control-setup">
326	<term><command>unbound-control-setup</command></term>
327	<listitem>
328	<para>
329	generates a self-signed certificate and private keys for the server
330	and client
331	</para>
332	<indexterm zone="unbound unbound-control-setup">
333	<primary sortas="b-unbound-control-setup">unbound-control-setup</primary>
334	</indexterm>
335	</listitem>
336	</varlistentry>
337
338	<varlistentry id="unbound-host">
339	<term><command>unbound-host</command></term>
340	<listitem>
341	<para>
342	is a DNS lookup utility similar to <command>host</command> from
343	<xref linkend="bind-utils"/>
344	</para>
345	<indexterm zone="unbound unbound-host">
346	<primary sortas="b-unbound-host">unbound-host</primary>
347	</indexterm>
348	</listitem>
349	</varlistentry>
350
351	<varlistentry id="libunbound">
352	<term><filename class="libraryfile">libunbound.so</filename></term>
353	<listitem>
354	<para>
355	provides the <application>Unbound</application> API functions to
356	programs
357	</para>
358	<indexterm zone="unbound libunbound">
359	<primary sortas="c-libunbound">libunbound.so</primary>
360	</indexterm>
361	</listitem>
362	</varlistentry>
363
364	</variablelist>
365
366	</sect2>
367
368	</sect1>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: