Zap's Digital Lighthouse
Sun, 01 Feb 2015
Since FreeBSD 10, BIND has been replaced as the default DNS server by Unbound. This is nice for all kinds of security reasons (many of the recent FreeBSD security advisories have been because of BIND issues), but it does mean changing some 20+-year-old habits.
On my local network, I like to have a small server that acts as the DNS server for all of my home machines (of which I have too many indeed), not only for speed of resolution and resilience, but also to have authoritative reverse DNS resolution for machines in the private address space (192.168.1.*). So I not only need a local caching server, but I also need to configure it to serve my local network and to be authoritative for a small set of addresses under 1.168.192.in-addr.arpa. This means doing a bit of configuration beyond the out-of-the-box Unbound config in FreeBSD 10.1...
I have found a few helpful sites in setting up my Unbound DNS server:
but Google will help you find a lot more.
The FreeBSD Handbook says "By default, Unbound will provide DNS resolution to the local machine only. While the base system package can be configured to provide resolution services beyond the local machine, it is recommended that such requirements be addressed by installing Unbound from the FreeBSD Ports Collection." However, I found that for my very simple case it was easy to configure the "local_unbound" that is part of FreeBSD 10.1 to serve as my local network's DNS server...
I then simply added a file in
It seems to work at this point. Later on, I can explore the statistics produced by Unbound, but this is sufficient to get our little home server up and running.
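A configuration fragment of the kind described above, as an added example that is not the author's own file: it makes Unbound listen on the LAN, restricts who may query it, and serves authoritative reverse data for 1.168.192.in-addr.arpa. The server address 192.168.1.2, the forward zone home.example and all host names are constructed for illustration.

```conf
# Added example, not the original post's configuration.
# All addresses and host names below are constructed.
server:
    # Listen on loopback and on the server's LAN address (assumed 192.168.1.2).
    interface: 127.0.0.1
    interface: 192.168.1.2

    # Answer only loopback and the home network. Refusing everything else
    # keeps the box from acting as an open resolver if it ever becomes
    # reachable from outside.
    access-control: 0.0.0.0/0 refuse
    access-control: ::0/0 refuse
    access-control: 127.0.0.0/8 allow
    access-control: 192.168.1.0/24 allow

    # Authoritative zones: "static" means names inside the zone that have
    # no local-data are answered negatively instead of being sent upstream,
    # so private names and addresses never leak to outside resolvers.
    local-zone: "home.example." static
    local-zone: "1.168.192.in-addr.arpa." static

    # Forward (A) records for the constructed hosts.
    local-data: "server.home.example.  IN A 192.168.1.2"
    local-data: "laptop.home.example.  IN A 192.168.1.10"
    local-data: "printer.home.example. IN A 192.168.1.20"

    # Matching reverse (PTR) records; Unbound derives the in-addr.arpa
    # owner name from the address.
    local-data-ptr: "192.168.1.2  server.home.example."
    local-data-ptr: "192.168.1.10 laptop.home.example."
    local-data-ptr: "192.168.1.20 printer.home.example."

    # Drop upstream answers that point into the private range
    # (DNS rebinding protection), except for the local zone itself.
    private-address: 192.168.0.0/16
    private-domain: "home.example."
```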