Differences

This shows you the differences between two versions of the page.

--- networking:dns:unbound:install_unbound [2021/01/29 00:12] – [Networking - DNS - Unbound - Install Unbound] peter
+++ networking:dns:unbound:install_unbound [2021/01/29 00:25] (current) – peter
@@ Line 1: / Line 1: @@
 ====== Networking - DNS - Unbound - Install Unbound ======
-Install the recursive DNS resolver
+Unbound, a secure open-source recursive DNS server, will be used to:
+  * Listen for queries on port 53.
+  * Listen for both UDP and TCP requests.
+  * Verify DNSSEC signatures, discarding BOGUS domains.
+  * Apply a few security and privacy tricks.
+----
+===== Install Unbound =====
 <code bash>
@@ Line 20: / Line 29: @@
 </code>
-  * If you do this optional step, you will need to uncomment the **root-hints:** configuration line in the suggested config file.
+  * If you do this optional step, you will need to uncomment the **root-hints:** line in the Unbound configuration file defined in the next step.
   * This file changes infrequently, but it is recommended to have it updated every six months or so.
 </WRAP>
 ----
@@ Line 38: / Line 45: @@
     interface: 127.0.0.1
-    port: 5335
+    port: 53
     do-ip4: yes
     do-udp: yes
@@ Line 89: / Line 96: @@
 <WRAP info>
-**NOTE:**  Unbound will listen on port 5335.
+**NOTE:**  Unbound is configured to listen on port 53.
+This is the standard DNS port.
+However, often port 53 may already be in use, which will prevent Unbound starting up.
+  * In this case, it may be useful to use an alternative port for unbound, say 5335 and have the other service point to the Unbound service running on this alternative port 5335.
+  * Alternatively, keep Unbound configured to port 53, and disable that other service.
 If the **root-hints** file was installed separately in the previous step, then uncomment the **root-hints:** configuration line in this config file.