source: server/other/unbound.xml@ be4a407

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 7.10 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts lazarus lxqt nosym perl-modules plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition trunk upgradedb xry111/intltool xry111/llvm18 xry111/soup3 xry111/test-20220226 xry111/xf86-video-removal
Last change on this file since be4a407 was be4a407, checked in by Pierre Labastie <pieere@…>, 9 years ago

Update to Unbound-1.5.3

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@15731 af4574ff-66df-0310-9fd7-8a98e5e911e0
  • Property mode set to 100644
File size: 11.7 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY unbound-download-http "http://www.unbound.net/downloads/unbound-&unbound-version;.tar.gz">
8 <!ENTITY unbound-download-ftp " ">
9 <!ENTITY unbound-md5sum "1e95fdcbaaf5dc87432d898006a5eb13">
10 <!ENTITY unbound-size "4.6 MB">
11 <!ENTITY unbound-buildsize "37 MB (Add 70 MB for HTML documentation">
12 <!ENTITY unbound-time "0.4 SBU (Add 0.2 SBU for tests)">
13]>
14
15<sect1 id="unbound" xreflabel="Unbound-&unbound-version;">
16 <?dbhtml filename="unbound.html"?>
17
18 <sect1info>
19 <othername>$LastChangedBy: igor $</othername>
20 <date>$Date: 2013-07-21 21:06:50 +0200 (Sun, 21 Jul 2013) $</date>
21 </sect1info>
22
23 <title>Unbound-&unbound-version;</title>
24
25 <indexterm zone="unbound">
26 <primary sortas="a-Unbound">Unbound</primary>
27 </indexterm>
28
29 <sect2 role="package">
30 <title>Introduction to Unbound</title>
31
32 <para>
33 <application>Unbound</application> is a validating, recursive, and caching
34 DNS resolver. It is designed as a set of modular components that
35 incorporate modern features, such as enhanced security (DNSSEC)
36 validation, Internet Protocol Version 6 (IPv6), and a client resolver
37 library API as an integral part of the architecture.
38 </para>
39
40 &lfs77_checked;
41
42 <bridgehead renderas="sect3">Package Information</bridgehead>
43 <itemizedlist spacing="compact">
44 <listitem>
45 <para>
46 Download (HTTP): <ulink url="&unbound-download-http;"/>
47 </para>
48 </listitem>
49 <listitem>
50 <para>
51 Download (FTP): <ulink url="&unbound-download-ftp;"/>
52 </para>
53 </listitem>
54 <listitem>
55 <para>
56 Download MD5 sum: &unbound-md5sum;
57 </para>
58 </listitem>
59 <listitem>
60 <para>
61 Download size: &unbound-size;
62 </para>
63 </listitem>
64 <listitem>
65 <para>
66 Estimated disk space required: &unbound-buildsize;
67 </para>
68 </listitem>
69 <listitem>
70 <para>
71 Estimated build time: &unbound-time;
72 </para>
73 </listitem>
74 </itemizedlist>
75
76 <bridgehead renderas="sect3">Unbound Dependencies</bridgehead>
77
78 <bridgehead renderas="sect4">Required</bridgehead>
79 <para role="required">
80 <xref linkend="openssl"/>
81<!-- broken?
82 or <xref linkend="nss"/>
83-->
84 </para>
85
86 <bridgehead renderas="sect4">Optional</bridgehead>
87 <para role="optional">
88 <xref linkend="expat"/>,
89 <xref linkend="libevent"/>,
90 <xref linkend="python2"/>,
91 <xref linkend="swig"/> (for Python bindings),
92 <xref linkend="doxygen"/> (for html documentation),
93 <ulink url="http://http://www.nlnetlabs.nl/projects/ldns/">ldns</ulink>, and
94 <ulink url="http://dnstap.info/">dnstap</ulink>
95 </para>
96
97 <para condition="html" role="usernotes">User Notes:
98 <ulink url="&blfs-wiki;/unbound"/>
99 </para>
100 </sect2>
101
102 <sect2 role="installation">
103 <title>Installation of Unbound</title>
104
105 <para>
106 There should be a dedicated user and group to take control of the
107 <command>unbound</command> daemon after it is started. Issue the following
108 commands as the <systemitem class="username">root</systemitem> user:
109 </para>
110
111<screen role="root"><userinput>groupadd -g 88 unbound &amp;&amp;
112useradd -c "Unbound DNS resolver" -d /var/lib/unbound -u 88 \
113 -g unbound -s /bin/false unbound</userinput></screen>
114
115 <para>
116 Install <application>Unbound</application> by running the following
117 commands:
118 </para>
119
120<screen><userinput>./configure --prefix=/usr \
121 --sysconfdir=/etc \
122 --disable-static \
123 --with-pidfile=/run/unbound.pid &amp;&amp;
124make</userinput></screen>
125
126 <para>
127 If you have <xref linkend="doxygen"/> package installed and want to build
128 html documentation, run the following command:
129 </para>
130
131<screen><userinput>make doc</userinput></screen>
132
133 <para>To test the results, issue <command>make check</command>.</para>
134
135 <para>
136 Now, as the <systemitem class="username">root</systemitem> user:
137 </para>
138
139<screen role="root"><userinput>make install &amp;&amp;
140mv -v /usr/sbin/unbound-host /usr/bin/</userinput></screen>
141
142 <para>
143 If you built html documentation, install it by running the following
144 commands as the <systemitem class="username">root</systemitem> user:
145 </para>
146
147<screen role="root"><userinput>install -v -m755 -d /usr/share/doc/unbound-&unbound-version; &amp;&amp;
148install -v -m644 doc/html/* /usr/share/doc/unbound-&unbound-version;</userinput></screen>
149
150 </sect2>
151
152 <sect2 role="commands">
153 <title>Command Explanations</title>
154
155 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
156 href="../../xincludes/static-libraries.xml"/>
157
158 <para>
159 <option>--with-libevent</option>: This option enables libevent support
160 allowing use of large outgoing port ranges.
161 </para>
162
163 <para>
164 <option>--with-pyunbound</option>: This option enables building of the Python
165 bindings.
166 </para>
167
168 </sect2>
169
170 <sect2 role="configuration">
171 <title>Configuring Unbound</title>
172
173 <sect3 id="unbound-config">
174 <title>Config Files</title>
175
176 <para><filename>/etc/unbound/unbound.conf</filename></para>
177
178 <indexterm zone="unbound unbound-config">
179 <primary sortas="e-etc-unbound-unbound.conf">/etc/unbound/unbound.conf</primary>
180 </indexterm>
181
182 </sect3>
183
184 <sect3>
185 <title>Configuration Information</title>
186
187 <para>
188 In the default configuration, <command>unbound</command> will bind to
189 localhost (127.0.0.1 IP address) and allow recursive queries only from
190 localhost clients. If you want to use <command>unbound</command> for
191 local DNS resolution, run the following command as the
192 <systemitem class="username">root</systemitem> user:
193 </para>
194
195<screen role="root"><userinput>echo "nameserver 127.0.0.1" > /etc/resolv.conf</userinput></screen>
196
197 <para>
198 If you are using a DHCP client for connecting to a network,
199 <filename>/etc/resolv.conf</filename> gets overwritten with values
200 provided by DHCP server. You can override this, for example in <xref
201 linkend="dhcp"/>, by running the following command as the <systemitem
202 class="username">root</systemitem> user:
203 </para>
204
205<screen role="root"><userinput>sed -i '/request /i\supersede domain-name-servers 127.0.0.1;' \
206 /etc/dhcp/dhclient.conf</userinput></screen>
207
208 <para>
209 For advanced configuration see
210 <filename>/etc/unbound/unbound.conf</filename> file and the
211 documentation.
212 </para>
213
214 <para>
215 When <application>Unbound</application> is installed, some package
216 builds fail if the file <filename>/etc/unbound/root.key</filename> is
217 not found. This file is created by running the boot script (install
218 instructions below). Alternatively, it can be created by running the
219 following command as the <systemitem class="username">root</systemitem>
220 user:
221 </para>
222
223<screen role="root"><userinput>unbound-anchor</userinput></screen>
224
225 </sect3>
226
227 <sect3 id="unbound-init">
228 <title>Boot Script</title>
229
230 <para>If you want the <application>Unbound</application> server to
231 start automatically when the system is booted, install the
232 <filename>/etc/rc.d/init.d/unbound</filename> init script included
233 in the <xref linkend="bootscripts"/> package.</para>
234
235 <indexterm zone="unbound unbound-init">
236 <primary sortas="f-unbound">unbound</primary>
237 </indexterm>
238
239<screen role="root"><userinput>make install-unbound</userinput></screen>
240
241 </sect3>
242
243 </sect2>
244
245 <sect2 role="content">
246 <title>Contents</title>
247
248 <segmentedlist>
249 <segtitle>Installed Programs</segtitle>
250 <segtitle>Installed Library</segtitle>
251 <segtitle>Installed Directories</segtitle>
252
253 <seglistitem>
254 <seg>
255 unbound, unbound-anchor, unbound-checkconf, unbound-control,
256 unbound-control-setup, and unbound-host
257 </seg>
258 <seg>
259 libunbound.so and (optional)
260 /usr/lib/python&python2-majorver;/site-packages/_unbound.so
261 </seg>
262 <seg>
263 /etc/unbound and /usr/share/doc/unbound-&unbound-version;
264 </seg>
265 </seglistitem>
266 </segmentedlist>
267
268 <variablelist>
269 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
270 <?dbfo list-presentation="list"?>
271 <?dbhtml list-presentation="table"?>
272
273 <varlistentry id="unbound-prog">
274 <term><command>unbound</command></term>
275 <listitem>
276 <para>
277 is a DNS resolver daemon.
278 </para>
279 <indexterm zone="unbound unbound-prog">
280 <primary sortas="b-unbound">unbound</primary>
281 </indexterm>
282 </listitem>
283 </varlistentry>
284
285 <varlistentry id="unbound-anchor">
286 <term><command>unbound-anchor</command></term>
287 <listitem>
288 <para>
289 performs setup or update of the root trust anchor for DNSSEC
290 validation.
291 </para>
292 <indexterm zone="unbound unbound-anchor">
293 <primary sortas="b-unbound-anchor">unbound-anchor</primary>
294 </indexterm>
295 </listitem>
296 </varlistentry>
297
298 <varlistentry id="unbound-checkconf">
299 <term><command>unbound-checkconf</command></term>
300 <listitem>
301 <para>
302 checks <command>unbound</command> configuration file for syntax
303 and other errors.
304 </para>
305 <indexterm zone="unbound unbound-checkconf">
306 <primary sortas="b-unbound-checkconf">unbound-checkconf</primary>
307 </indexterm>
308 </listitem>
309 </varlistentry>
310
311 <varlistentry id="unbound-control">
312 <term><command>unbound-control</command></term>
313 <listitem>
314 <para>
315 performs remote administration on the <command>unbound</command> DNS
316 resolver.
317 </para>
318 <indexterm zone="unbound unbound-control">
319 <primary sortas="b-unbound-control">unbound-control</primary>
320 </indexterm>
321 </listitem>
322 </varlistentry>
323
324 <varlistentry id="unbound-control-setup">
325 <term><command>unbound-control-setup</command></term>
326 <listitem>
327 <para>
328 generates self-signed certificate and private keys for the server
329 and client.
330 </para>
331 <indexterm zone="unbound unbound-control-setup">
332 <primary sortas="b-unbound-control-setup">unbound-control-setup</primary>
333 </indexterm>
334 </listitem>
335 </varlistentry>
336
337 <varlistentry id="unbound-host">
338 <term><command>unbound-host</command></term>
339 <listitem>
340 <para>
341 is a DNS lookup utility similar to <command>host</command> from
342 <xref linkend="bind-utils"/>.
343 </para>
344 <indexterm zone="unbound unbound-host">
345 <primary sortas="b-unbound-host">unbound-host</primary>
346 </indexterm>
347 </listitem>
348 </varlistentry>
349
350 <varlistentry id="libunbound">
351 <term><filename class="libraryfile">libunbound.so</filename></term>
352 <listitem>
353 <para>
354 provides the <application>Unbound</application> API functions to
355 programs.
356 </para>
357 <indexterm zone="unbound libunbound">
358 <primary sortas="c-libunbound">libunbound.so</primary>
359 </indexterm>
360 </listitem>
361 </varlistentry>
362
363 </variablelist>
364
365 </sect2>
366
367</sect1>
Note: See TracBrowser for help on using the repository browser.