Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| docs:guide-user:services:dns:dot_unbound [2023/01/17 04:30] – [DoT with Unbound] update infobox vgaetera | docs:guide-user:services:dns:dot_unbound [2024/10/21 08:10] – Add chapter how to configure unbound with dnsmasq dpawlik | ||
|---|---|---|---|
| Line 25: | Line 25: | ||
| uci set unbound.fwd_google.fallback=" | uci set unbound.fwd_google.fallback=" | ||
| uci commit unbound | uci commit unbound | ||
| - | / | + | service |
| </ | </ | ||
| Line 38: | Line 38: | ||
| <code bash> | <code bash> | ||
| # Restart services | # Restart services | ||
| - | / | + | service |
| # Log and status | # Log and status | ||
| Line 60: | Line 60: | ||
| opkg update | opkg update | ||
| opkg install luci-app-unbound | opkg install luci-app-unbound | ||
| - | / | + | service |
| </ | </ | ||
| Line 78: | Line 78: | ||
| uci set unbound.fwd_cloudflare.fallback=" | uci set unbound.fwd_cloudflare.fallback=" | ||
| uci commit unbound | uci commit unbound | ||
| - | / | + | service |
| </ | </ | ||
| Line 86: | Line 86: | ||
| uci set unbound.fwd_google.enabled=" | uci set unbound.fwd_google.enabled=" | ||
| uci set unbound.fwd_cloudflare.enabled=" | uci set unbound.fwd_cloudflare.enabled=" | ||
| - | while uci -q delete | + | while uci -q del unbound.@zone[4]; |
| uci add unbound zone | uci add unbound zone | ||
| uci set unbound.@zone[-1].enabled=" | uci set unbound.@zone[-1].enabled=" | ||
| Line 92: | Line 92: | ||
| uci set unbound.@zone[-1].zone_type=" | uci set unbound.@zone[-1].zone_type=" | ||
| uci add_list unbound.@zone[-1].zone_name=" | uci add_list unbound.@zone[-1].zone_name=" | ||
| - | uci set unbound.@zone[-1].tls_upstream=" | ||
| - | uci set unbound.@zone[-1].tls_index=" | ||
| uci add_list unbound.@zone[-1].server=" | uci add_list unbound.@zone[-1].server=" | ||
| uci add_list unbound.@zone[-1].server=" | uci add_list unbound.@zone[-1].server=" | ||
| uci add_list unbound.@zone[-1].server=" | uci add_list unbound.@zone[-1].server=" | ||
| uci add_list unbound.@zone[-1].server=" | uci add_list unbound.@zone[-1].server=" | ||
| + | uci set unbound.@zone[-1].tls_upstream=" | ||
| + | uci set unbound.@zone[-1].tls_index=" | ||
| uci commit unbound | uci commit unbound | ||
| - | / | + | service |
| </ | </ | ||
| Line 110: | Line 110: | ||
| uci set unbound.@unbound[0].validator=" | uci set unbound.@unbound[0].validator=" | ||
| uci commit unbound | uci commit unbound | ||
| - | / | + | service |
| </ | </ | ||
| + | |||
| + | ===== Configure unbound with dnsmasq ===== | ||
| + | Unbound can also act as a resolver for dnsmasq. How to install and how to change the [[wp> | ||
| + | Here would be just described how to configure unbound with dnsmasq. | ||
| + | |||
| + | === Command-line instructions === | ||
| + | |||
| + | <code bash> | ||
| + | # Change unbound port to 5353, because dnsmasq is running already on port 53 | ||
| + | sed -i " | ||
| + | |||
| + | # configure dnsmasq to forward to localhost 5353 | ||
| + | service dnsmasq stop | ||
| + | uci set dhcp.@dnsmasq[0].noresolv=" | ||
| + | uci set dhcp.@dnsmasq[0].localuse=" | ||
| + | uci set dhcp.@dnsmasq[0].cachesize=' | ||
| + | uci -q delete dhcp.@dnsmasq[0].server | ||
| + | uci add_list dhcp.@dnsmasq[0].server=" | ||
| + | uci commit dhcp | ||
| + | service dnsmasq start | ||
| + | service unbound restart | ||
| + | |||
| + | # Optional - ensure, that the NTP server can work without DNS | ||
| + | uci del system.ntp.server | ||
| + | uci add_list system.ntp.server=' | ||
| + | uci add_list system.ntp.server=' | ||
| + | uci add_list system.ntp.server=' | ||
| + | uci add_list system.ntp.server=' | ||
| + | uci commit system | ||
| + | </ | ||