DNS

Localroot

The purpose is to avoid sending all our queries to the root servers. Instead, the resolver keeps a local copy of the root zone and relies on it.

Implementation

What you need in the configuration of your resolver.

Unbound

In short, you need this (tested with Unbound 1.22.0 on Debian 13):

diff --git a/unbound/unbound.conf.d/local-root-unbound.conf b/unbound/unbound.conf.d/local-root-unbound.conf
new file mode 100644
index 0000000..3f25610
--- /dev/null
+++ b/unbound/unbound.conf.d/local-root-unbound.conf
@@ -0,0 +1,7 @@
+auth-zone:
+       name: "." 
+       url: "https://www.internic.net/domain/root.zone" 
+       fallback-enabled: yes
+       for-downstream: no
+       for-upstream: yes
+       zonefile: "/var/lib/unbound/root.zone" 
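
Review bot: the auth-zone block has a single source, the url: line, and nothing in it verifies the downloaded zone beyond TLS to that one host. Consider adding "zonemd-check: yes" so the zone's ZONEMD record is checked when the copy is loaded, and one or more primary: entries so another transfer source remains when the HTTPS download fails. With "fallback-enabled: yes" a failed or expired copy falls back to ordinary root queries without a visible error, so the zonefile is worth monitoring. The name:, url: and zonefile: lines also end in trailing whitespace.
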
diff --git a/unbound/unbound.conf.d/local-unbound.conf b/unbound/unbound.conf.d/local-unbound.conf
index 4774858..a8ec373 100644
--- a/unbound/unbound.conf.d/local-unbound.conf
+++ b/unbound/unbound.conf.d/local-unbound.conf
@@ -465,7 +465,7 @@ server:
        # do-not-query-localhost: yes

        # if yes, perform prefetching of almost expired message cache entries.
-       # prefetch: no
+       prefetch: yes

        # if yes, perform key lookups adjacent to normal lookups.
        # prefetch-key: no
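
Review bot: the "prefetch: yes" line at line 465 of local-unbound.conf replaces the commented default in place and has no comment tying it to the local root change. Keep "# prefetch: no" as the documented default and add the active setting below it with a one-line reason, or move it into a separate file as was done for the auth-zone, so both parts of the change can be reviewed and reverted together.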

In summary:
  • switch prefetch to yes
  • include an auth-zone section. In my case I prefer to use another file.
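
Because fallback-enabled is set to yes, a local root copy that stops refreshing fails silently, so a freshness check on the zonefile is useful. The following is an added example, not part of the original page or of Unbound: it reads the SOA of the root zone copy and classifies it. It assumes single-line records and a YYYYMMDDNN serial; the sample zone text and the warn_after threshold are constructed for illustration.

```python
import re
from datetime import datetime, timezone

ZONEFILE = "/var/lib/unbound/root.zone"  # zonefile path from the auth-zone above

# Constructed sample; assumes each record, SOA included, sits on a single line.
SAMPLE_ZONE = (
    ".\t86400\tIN\tSOA\ta.root-servers.net. nstld.verisign-grs.com. "
    "2025010100 1800 900 604800 86400\n"
    ".\t518400\tIN\tNS\ta.root-servers.net.\n"
)

SOA_RE = re.compile(
    r"^\.\s+\d+\s+IN\s+SOA\s+\S+\s+\S+\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*$",
    re.MULTILINE,
)


def parse_root_soa(zone_text):
    """Return (serial, refresh, retry, expire, minimum) of the apex SOA."""
    match = SOA_RE.search(zone_text)
    if match is None:
        raise ValueError("no single-line SOA record for '.' found")
    return tuple(int(field) for field in match.groups())


def zone_status(zone_text, now, warn_after=2 * 86400):
    """Classify the copy as 'fresh', 'stale' or 'expired'.

    Assumes a YYYYMMDDNN serial, so its date part approximates when the copy
    was published. warn_after is a hypothetical alerting threshold in seconds.
    """
    serial, _refresh, _retry, expire, _minimum = parse_root_soa(zone_text)
    published = datetime.strptime(str(serial)[:8], "%Y%m%d").replace(tzinfo=timezone.utc)
    age = (now - published).total_seconds()
    if age >= expire:
        return "expired"  # past SOA expire: the copy should no longer be served
    if age >= warn_after:
        return "stale"    # refreshes have probably been failing for a while
    return "fresh"


if __name__ == "__main__":
    print("sample:", zone_status(SAMPLE_ZONE, datetime.now(timezone.utc)))
    try:
        with open(ZONEFILE, encoding="ascii", errors="replace") as handle:
            print(ZONEFILE, zone_status(handle.read(), datetime.now(timezone.utc)))
    except (OSError, ValueError) as exc:
        print(ZONEFILE, "not checked:", exc)
```

The age is derived from the serial's date, so it is an approximation of how long refreshes have been failing, not Unbound's own expiry timer.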

References

RFCs

Misc

Updated by Willy Manga 20 days ago · 1 revisions