Table of Contents Installation of a local DNS resolver Installation & Configuration of Unbound On Debian 8 & Ubuntu 16.04 On CentOS 7 Testing the resolver Installation of a local DNS resolver Requirements: You have an account at console.online.net You have a Dedibox dedicated server DNS or “Domain Name System” allows the translation between a domain name (for example: Online.net) and an IP address (for example: 62.210.16.2). Indeed, it is much more easy for us to remember Online.net instead of 62.210.16.2. On the other hand our computers / servers doesn't know what to do with Online.net. Therefore it requires a system to transform a domain name to an IP address, here 62.210.16.6, to access the requested website. In this tutorial we will have a look on the installation of Unbound, a software to resolve domains. Installed on your server, it will you allow to resolve domains. Online.net provides two DNS resolvers in the network: 62.210.16.6 & 62.210.16.7. However, it is recommended to use your own resolver. Installation & Configuration of Unbound On Debian 8 & Ubuntu 16.04 We start by installing the software: sudo apt-get install unbound Once installed, the softwarez will work directly. If you have configured your network statically, you need to edit the file /etc/resolv.conf as following: nameserver 127.0.0.1 nameserver 62.210.16.6 nameserver 62.210.16.7 This allows to use the local server (127.0.0.1) to be used in priority and keeps the resolvers of Online.net in case of need. If your public interface is configured by DHCP, you have to edit the file /etc/dhcp/dhclient.conf and add/uncomment the following line: prepend domain-name-servers 127.0.0.1; In this case you specify the DNS server directly in the DHCP configuration, as they are usually provided by the DHCP auto-contifguration and normally only the resolvers of Online.net will be configured. On CentOS 7 We start by installing the software: sudo yum install unbound Now we have to edit the file /etc/unbound/unbound.conf and add/uncomment the following line: do-not-query-localhost: no This will allow us to make requests at localhost. Once the line is added / edited, restart the service: service unbound restart Now you have to edit the file /etc/sysconfig/network-scripts/ifcfg-eth0 by adding the following lines: DNS1=127.0.0.1 DNS2=62.210.16.6 DNS3=62.210.16.7 Finally, restart the network: systemctl restart network.service Once all this is done, you will use the local resolver by default and the Online.net resolver in case of need. Testing the resolver Once everything has been configured, you can verify if your resolver is working fine with the dig command: dig google.fr ; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 <<>> google.fr ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59447 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;google.fr. IN A ;; ANSWER SECTION: google.fr. 300 IN A 216.58.211.99 ;; Query time: 6 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: ven. juil. 15 14:27:27 CEST 2016 ;; MSG SIZE rcvd: 54 We can see the following line: ;; SERVER: 127.0.0.1#53(127.0.0.1) This shows us, that our local server was queued and that it has responded.