Networking - DNS - Unbound

Unbound is a a very secure non-authoritative, validating, recursive, caching DNS resolver, with support for DNSSEC validation.

It is designed to be fast and lean and incorporates modern features based on open standards.

It is written with a high security focus!

Unbound is not as feature rich as Bind, but it is easy to configure and quick to set up.

Unbound communicates directly with the root servers on the internet and the other authoritative domain name servers, so does not use Cloudflare, Google or any of the others. The DNS traffic is not encrypted but it is authenticated for validity.

Authority Zones

Blacklist a domain

Client Based Filtering

Configure Access

Configure Encrypted DNS with Caching

Configure Unbound as a simple forwarding DNS server

Forward Zones

Install Unbound

Local Data

Local Zones

Logging

Secure DNS over TLS

Selectively override DNS records

Tags

Views

References

https://nlnetlabs.nl/documentation/unbound/

https://nlnetlabs.nl/documentation/unbound/unbound.conf/

https://www.nlnetlabs.nl/projects/unbound/about/

https://fossies.org/linux/unbound/doc/example.conf.in

https://calomel.org/unbound_dns.html