Unbound is a free and open-source recursive and validating DNS caching server, which uses DNS-over-TLS and DNS-over-HTTPS to encrypt connections. Unbound is much faster than Bind9 and can help to reduce the loading time of web pages and other calls that require DNS resolution. Unbound also supports DNSSEC validation, so it can serve as a trust anchor on your network.
I want to show you how to install Unbound on Ubuntu 22.04. This can be installed on either Ubuntu Server or Desktop and you’ll gain significant DNS resolving speed over the default.
What you’ll need
The only things you’ll need for this are a running instance of Ubuntu – though it can also be installed on RHEL-based distributions – and a user with sudo privileges. That’s it: Let’s get that DNS resolving speed up.
How to install Unbound
Fortunately, Unbound is found in the default repositories, so to install it, log in to your Ubuntu machine and issue the command:
sudo apt-get install unbound -y
If you’re working on an RHEL-based distribution, that installation would be:
sudo dnf install unbound -y
How to configure Unbound
Once Unbound is installed, we need to create a new configuration file. Create that file with the command:
In that file, paste the following:
access-control: 127.0.0.0/8 allow
access-control: 0.0.0.0/0 allow
You can edit the above configuration, but know that it should work as-is. Save and close the file.
Next, we need to create a log file for Unbound with the command:
sudo touch /var/log/unbound.log
Give the log file the proper permissions with:
sudo chown unbound:unbound /var/log/unbound.log
Finally, start the Unbound service with:
sudo systemctl enable --now unbound
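The `access-control: 0.0.0.0/0 allow` line in the configuration above accepts recursive queries from any IPv4 client, which matters if the host is reachable from outside your LAN. The check below is an added example, not part of the original article: it flags permissive `access-control` entries that cover non-local address space. The `LAN_ONLY_CONF` sample and its `192.168.1.0/24` subnet are constructed assumptions.

```python
import ipaddress

# Unbound access-control actions that let a client use the resolver.
PERMISSIVE = {"allow", "allow_setrd", "allow_snoop"}

# Loopback, RFC 1918, link-local and IPv6 unique-local ranges.
LOCAL_RANGES = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]

# Constructed sample: the two access-control lines shown in the article.
ARTICLE_CONF = """\
access-control: 127.0.0.0/8 allow
access-control: 0.0.0.0/0 allow
"""

# Constructed alternative: loopback plus one assumed LAN subnet.
LAN_ONLY_CONF = """\
server:
    access-control: 127.0.0.0/8 allow
    access-control: 192.168.1.0/24 allow   # assumed LAN range
    access-control: 0.0.0.0/0 refuse
"""

def access_controls(conf_text):
    """Yield (netblock, action) for every access-control line."""
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop trailing comments
        if not line.startswith("access-control:"):
            continue
        fields = line.split(":", 1)[1].split()   # first colon ends the key
        if len(fields) == 2:
            yield ipaddress.ip_network(fields[0], strict=False), fields[1]

def is_local(net):
    """True if the netblock lies entirely inside one local range."""
    return any(net.version == r.version and net.subnet_of(r) for r in LOCAL_RANGES)

def open_to_public(conf_text):
    """Return permissive netblocks that reach beyond local address space."""
    return [str(net) for net, action in access_controls(conf_text)
            if action in PERMISSIVE and not is_local(net)]

if __name__ == "__main__":
    for name, conf in (("article", ARTICLE_CONF), ("lan-only", LAN_ONLY_CONF)):
        print(name, open_to_public(conf) or "no public netblocks allowed")
```

An empty result means every permissive entry is confined to loopback or private ranges; any netblock listed should be narrowed to the subnet that actually needs the resolver.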
How to test Unbound
Immediately after starting the service, issue the command:
dig google.com @localhost
You should see output similar to this:
; <<>> DiG 9.18.1-1ubuntu1.1-Ubuntu <<>> google.com @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56042
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 300 IN A 188.8.131.52
google.com. 300 IN A 184.108.40.206
google.com. 300 IN A 220.127.116.11
google.com. 300 IN A 18.104.22.168
google.com. 300 IN A 22.214.171.124
google.com. 300 IN A 126.96.36.199
;; Query time: 108 msec
;; SERVER: 127.0.0.1#53(localhost) (UDP)
;; WHEN: Thu Jun 16 13:30:12 UTC 2022
;; MSG SIZE rcvd: 135
Notice the Query time of 108 msec. That’s pretty fast. However, let’s run the command again:
dig google.com @localhost
Your query time should be considerably less. I received a query time of 4 msec on the second attempt and zero on the third.
Congratulations, your DNS queries are now faster thanks to the open-source Unbound DNS resolver. You could even use that server as your LAN-based DNS server should you choose.
Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.