Monday, July 11, 2016

Home » » Install DNS Unbound

Install DNS Unbound

By No comments
Sebetulnya sudah bnyak sekali tutorial yang berkeliaran bebas di internet ..tentang bagaimana cara install DNS Unbound...
Mungkin ada beberapa rekan yg sudah mengerti dengan cara ini, tetapi mungkin juga masih banyak yg belum tahu untuk....Instalasi DNS Unbound......khususnya untuk yang sering setting server proxy dan ingin  membuat performance squid agar lebih aggresive.....


Berhubung saya tidak pandai dalam merangkai kata-kata .. langsung saja kita mulai...


apt-get install unbound
cd /etc/unbound
wget ftp://FTP.INTERNIC.NET/domain/named.cache
unbound-control-setup
chown unbound:root unbound_*
chmod 440 unbound_*
mv unbound.conf unbound.conf.old
nano unbound.conf


#Copas Konfigurasi ini

lalu copy paste configurasi ini :
 
server:
         verbosity: 1
         statistics-interval: 120
         statistics-cumulative: yes
         num-threads: 1
         interface: 0.0.0.0
 
         outgoing-range: 512
         num-queries-per-thread: 1024
 
         msg-cache-size: 64m
         rrset-cache-size: 32m  
 
         msg-cache-slabs: 4
         rrset-cache-slabs: 4
 
         cache-max-ttl: 86400
         infra-host-ttl: 60
         infra-lame-ttl: 120
 
         infra-cache-numhosts: 10000
         infra-cache-lame-size: 10k
 
         do-ip4: yes
         do-ip6: no
         do-udp: yes
         do-tcp: yes
         do-daemonize: yes
 
         #access-control: 0.0.0.0/0 allow
         access-control: 192.168.0.0/16 allow
         access-control: 172.16.0.0/12 allow
         access-control: 10.0.0.0/8 allow
         access-control: 127.0.0.0/8 allow
         access-control: 0.0.0.0/0 refuse
 
         chroot: "/etc/unbound"
         username: "unbound"
         directory: "/etc/unbound"
         #logfile: "/etc/unbound/unbound.log"
         #use-syslog: yes
         logfile: ""
         use-syslog: no
         pidfile: "/etc/unbound/unbound.pid"
         root-hints: "/etc/unbound/named.cache"
 
        identity: "DNS"
        version: "1.4"
        hide-identity: yes
        hide-version: yes
        harden-glue: yes
        do-not-query-address: 127.0.0.1/8
        do-not-query-localhost: yes
        module-config: "iterator"
 
        #zone localhost
        local-zone: "localhost." static  
        local-data: "localhost. 10800 IN NS localhost."
        local-data: "localhost. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800"  
        local-data: "localhost. 10800 IN A 127.0.0.1"  
 
        local-zone: "127.in-addr.arpa." static  
        local-data: "127.in-addr.arpa. 10800 IN NS localhost."  
        local-data: "127.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 2 3600 1200 604800 10800"  
        local-data: "1.0.0.127.in-addr.arpa. 10800 IN PTR localhost."  
 
        #zone unpam.net
        local-zone: "unpam.net." static
        local-data: "unpam.net. 86400 IN NS ns1.unpam.net."
        local-data: "unpam.net. 86400 IN SOA unpam.net. hostmaster.unpam.net.  3 3600 1200 604800 86400"
        local-data: "unpam.net. 86400 IN A 192.168.2.2"
        local-data: "www.unpam.net. 86400 IN A 192.168.2.2"
        local-data: "ns1.unpam.net. 86400 IN A 192.168.2.2"
 
        local-data: "mail.unpam.net. 86400 IN A 192.168.2.2"
        local-data: "unpam.net. 86400 IN MX 10 mail.unpam.net."
        local-data: "unpam.net. 86400 IN TXT v=spf1 a mx ~all"
 
       local-zone: "2.168.192.in-addr.arpa." static
       local-data: "2.168.192.in-addr.arpa. 10800 IN NS unpam.net."
       local-data: "2.168.192.in-addr.arpa. 10800 IN SOA unpam.net. hostmaster.unpam.net. 4 3600 1200 604800 864000"
       local-data: "2.2.168.192.in-addr.arpa. 10800 IN PTR unpam.net."
 
forward-zone:  
        name: "."
        forward-addr: 202.134.0.155
        forward-addr: 202.134.0.61
        forward-addr: 203.130.193.74
        forward-addr: 203.130.196.155
        forward-addr: 202.134.1.5
        forward-addr: 203.130.196.155
        forward-addr: 203.130.208.18
        forward-addr: 208.67.222.222
        forward-addr: 208.67.220.220
        forward-addr: 8.8.8.8
        forward-addr: 8.8.4.4
 
remote-control:
        control-enable: yes
        control-interface: 127.0.0.1
        control-port: 953
        server-key-file: "/etc/unbound/unbound_server.key"
        server-cert-file: "/etc/unbound/unbound_server.pem"
        control-key-file: "/etc/unbound/unbound_control.key"
        control-cert-file: "/etc/unbound/unbound_control.pem"

lalu save di /etc/unbound/unbound.conf

forward-zone : sesuaikan dengan DNS ISP anda
ip pada local data sesuaikan dengan ip ubuntu anda

setting ubuntu agar mengunakan DNS unbound :

edit file di /etc/resolv.conf :

# nano /etc/resolv.conf

nameserver 127.0.0.1

edit file /etc/network/interfaces

# nano /etc/network/interfaces

iface eth0 inet static
address 192.168.2.2
netmask 255.255.255.0
network 122.168.2.0
broadcast 192.168.2.255
gateway 192.168.2.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 127.0.0.1

reboot cpu anda....

untuk mngecek DNS unbound sudah jalan :

# /etc/init.d/unbound restart
# nslookup 192.168.2.2

Server: 127.0.0.1
Address: 127.0.0.1#53

2.2.168.192.in-addr.arpa name = unpam.net

# nslookup unpam.net

Server: 127.0.0.1
Address: 127.0.0.1#53

Name: unpam.net
Address: 192.168.2.2


Terima Kasih 
Sudah Berkunjung 

0 comments:

Post a Comment

http://www.resepkuekeringku.com/2014/11/resep-donat-empuk-ala-dunkin-donut.html http://www.resepkuekeringku.com/2015/03/resep-kue-cubit-coklat-enak-dan-sederhana.html http://www.resepkuekeringku.com/2014/10/resep-donat-kentang-empuk-lembut-dan-enak.html http://www.resepkuekeringku.com/2014/07/resep-es-krim-goreng-coklat-kriuk-mudah-dan-sederhana-dengan-saus-strawberry.html http://www.resepkuekeringku.com/2014/06/resep-kue-es-krim-goreng-enak-dan-mudah.html http://www.resepkuekeringku.com/2014/09/resep-bolu-karamel-panggang-sarang-semut-lembut.html