Installation of a local DNS resolver


DNS or “Domain Name System” allows the translation between a domain name (for example: and an IP address (for example:

Indeed, it is much easier for us to remember instead of

On the other hand, our computers / servers don't know what to do with
Therefore it requires a system to transform a domain name to an IP address, here, to access the requested website.

In this tutorial we will look at the installation of Unbound, software for resolving domain names.
Installed on your server, it will allow you to resolve domains. provides two DNS resolvers in the network: &
However, it is recommended to use your own resolver.

Installation & Configuration of Unbound

On Debian 8 & Ubuntu 16.04

We start by installing the software:

sudo apt-get install unbound

Once installed, the software will work directly.

If you have configured your network statically, you need to edit the file /etc/resolv.conf as follows:


This gives priority to the local server ( and keeps the resolvers of in case of need.

If your public interface is configured by DHCP, you have to edit the file /etc/dhcp/dhclient.conf and add/uncomment the following line:

prepend domain-name-servers;

In this case you specify the DNS server directly in the DHCP configuration, as DNS servers are usually provided by the DHCP auto-configuration and normally only the resolvers of will be configured.

On CentOS 7

We start by installing the software:

sudo yum install unbound

Now we have to edit the file /etc/unbound/unbound.conf and add/uncomment the following line:

do-not-query-localhost: no

This allows Unbound to send queries to localhost.

Once the line is added / edited, restart the service: service unbound restart

Now you have to edit the file /etc/sysconfig/network-scripts/ifcfg-eth0 by adding the following lines:


Finally, restart the network: systemctl restart network.service

Once all this is done, you will use the local resolver by default and the resolver in case of need.

Testing the resolver

Once everything has been configured, you can verify that your resolver is working with the dig command:


; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59447
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 4096
;			IN	A


;; Query time: 6 msec
;; WHEN: ven. juil. 15 14:27:27 CEST 2016
;; MSG SIZE  rcvd: 54

We can see the following line: ;; SERVER: This shows us that our local server was queried and that it responded.
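
The check described above can be scripted. The following is an added example, not part of the original tutorial: it reads the resolver order from resolv.conf-style text and the ";; SERVER:" line from dig output, and reports whether the local resolver or a fallback answered. It assumes the local resolver listens on a loopback address; 127.0.0.1 and 192.0.2.53 are constructed sample values.

```shell
#!/bin/sh
# Added example: confirm that the local resolver is listed first and that it
# actually answered a query. All addresses below are constructed samples.

# Print the first "nameserver" address from resolv.conf-style text on stdin.
first_nameserver() {
    awk '$1 == "nameserver" { print $2; exit }'
}

# Print the address from dig's ";; SERVER: addr#port(addr)" line on stdin.
answering_server() {
    sed -n 's/^;; SERVER: \([^#]*\)#.*/\1/p' | head -n 1
}

# Succeed only for loopback addresses (127.0.0.0/8 or ::1).
is_loopback() {
    case "$1" in
        127.*|::1) return 0 ;;
        *) return 1 ;;
    esac
}

# Args: resolv.conf text, dig output text. Prints a verdict, returns 0 on pass.
check_local_resolver() {
    first=$(printf '%s\n' "$1" | first_nameserver)
    server=$(printf '%s\n' "$2" | answering_server)
    if ! is_loopback "$first"; then
        echo "FAIL: first nameserver is '$first', not the local resolver"
        return 1
    fi
    if ! is_loopback "$server"; then
        echo "FAIL: query was answered by '$server' (fallback resolver in use)"
        return 1
    fi
    echo "OK: local resolver $server is first and answered the query"
}

# Constructed samples (192.0.2.x is a documentation range, not a real resolver).
SAMPLE_RESOLV='# constructed sample
nameserver 127.0.0.1
nameserver 192.0.2.53'
SAMPLE_DIG_LOCAL=';; Query time: 6 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)'
SAMPLE_DIG_FALLBACK=';; Query time: 21 msec
;; SERVER: 192.0.2.53#53(192.0.2.53)'

check_local_resolver "$SAMPLE_RESOLV" "$SAMPLE_DIG_LOCAL"
check_local_resolver "$SAMPLE_RESOLV" "$SAMPLE_DIG_FALLBACK" || true
```

On a live system, pass the contents of /etc/resolv.conf and the output of a dig query as the two arguments. A FAIL on the second check means Unbound is not answering and queries are silently going to the fallback resolvers.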