if you divert all dns requests to an unbound server, this sets
things up so replies to diverted udp requests come from what looks
like the right IP.
set_recvpktinfo() needs to be called on listening sockets so the
kernel will wire up the control messages that include the original
destination ip address of the packet.
comm_point_create_udp_ancil() needs to be used instead of
comm_point_create_udp() so it will use recvmsg with a control message
buffer and process the CMSGs inside it.
for IP_SENDSRCMSG to work when sending the replies to the diverted
client, the listening socket also has to be set up with the SO_BINDANY
sockopt.
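The mechanics the commit message describes, as an added example that is not unbound's own code: a minimal UDP echo server that enables destination-address ancillary data on its listening socket (the role of set_recvpktinfo()), reads the original destination out of the control messages recvmsg() returns (what comm_point_create_udp_ancil() arranges), and then sends the reply with that address as its source. This version is written for Linux and uses IP_PKTINFO on both the receive and the send side; the SO_BINDANY setsockopt is applied only where the platform defines it, and the OpenBSD send-side option named in the commit message is not covered. The demo port 5353 and the address 192.0.2.53 used in comments are constructed values.

```c
/* Added example (not unbound's code). Linux flavour: IP_PKTINFO both ways. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Equivalent of set_recvpktinfo(): ask the kernel to attach the original
 * destination address to each received datagram. Returns 0 or -1. */
int enable_dstaddr_cmsg(int s)
{
    int on = 1;
#ifdef SO_BINDANY
    /* OpenBSD: needed so replies may be sourced from a non-local address. */
    if (setsockopt(s, SOL_SOCKET, SO_BINDANY, &on, sizeof(on)) < 0)
        return -1;
#endif
#if defined(IP_PKTINFO)
    return setsockopt(s, IPPROTO_IP, IP_PKTINFO, &on, sizeof(on));
#elif defined(IP_RECVDSTADDR)
    return setsockopt(s, IPPROTO_IP, IP_RECVDSTADDR, &on, sizeof(on));
#else
    return -1;
#endif
}

/* Walk the control messages of a msghdr filled in by recvmsg() and copy the
 * original destination address into *dst. Returns 1 if found, else 0. */
int extract_dstaddr(struct msghdr *msg, struct in_addr *dst)
{
    struct cmsghdr *c;
    for (c = CMSG_FIRSTHDR(msg); c != NULL; c = CMSG_NXTHDR(msg, c)) {
        if (c->cmsg_level != IPPROTO_IP)
            continue;
#if defined(IP_PKTINFO)
        if (c->cmsg_type == IP_PKTINFO) {
            struct in_pktinfo pi;
            memcpy(&pi, CMSG_DATA(c), sizeof(pi));
            *dst = pi.ipi_addr;        /* address the packet was really sent to */
            return 1;
        }
#elif defined(IP_RECVDSTADDR)
        if (c->cmsg_type == IP_RECVDSTADDR) {
            memcpy(dst, CMSG_DATA(c), sizeof(*dst));
            return 1;
        }
#endif
    }
    return 0;
}

/* Fill buf with one control message that makes the kernel send the datagram
 * with src as its source address. Returns bytes of buf used, 0 on failure. */
size_t build_srcaddr_cmsg(unsigned char *buf, size_t buflen, struct in_addr src)
{
#if defined(IP_PKTINFO)
    struct in_pktinfo pi;
    struct msghdr m;
    struct cmsghdr *c;
    if (buflen < CMSG_SPACE(sizeof(pi)))
        return 0;
    memset(buf, 0, CMSG_SPACE(sizeof(pi)));
    memset(&m, 0, sizeof(m));
    m.msg_control = buf;
    m.msg_controllen = CMSG_SPACE(sizeof(pi));
    c = CMSG_FIRSTHDR(&m);
    c->cmsg_level = IPPROTO_IP;
    c->cmsg_type = IP_PKTINFO;
    c->cmsg_len = CMSG_LEN(sizeof(pi));
    memset(&pi, 0, sizeof(pi));
    pi.ipi_spec_dst = src;             /* on send, this selects the source address */
    memcpy(CMSG_DATA(c), &pi, sizeof(pi));
    return CMSG_SPACE(sizeof(pi));
#else
    (void)buf; (void)buflen; (void)src;
    return 0;
#endif
}

/* Receive one datagram with a control buffer and echo it back from the
 * address the client actually sent to. Returns bytes sent, or -1. */
ssize_t serve_once(int s)
{
    unsigned char payload[512], rctl[64], sctl[64];
    struct sockaddr_in client;
    struct iovec iov = { payload, sizeof(payload) };
    struct msghdr msg;
    struct in_addr dst;
    ssize_t n;
    size_t ctl_len;

    memset(&msg, 0, sizeof(msg));
    msg.msg_name = &client;
    msg.msg_namelen = sizeof(client);
    msg.msg_iov = &iov;
    msg.msg_iovlen = 1;
    msg.msg_control = rctl;
    msg.msg_controllen = sizeof(rctl);
    n = recvmsg(s, &msg, 0);
    if (n < 0)
        return -1;
    if (!extract_dstaddr(&msg, &dst)) /* no ancillary data: kernel picks the source by route */
        return sendto(s, payload, (size_t)n, 0, (struct sockaddr *)&client, msg.msg_namelen);
    ctl_len = build_srcaddr_cmsg(sctl, sizeof(sctl), dst);
    iov.iov_len = (size_t)n;
    msg.msg_control = ctl_len ? sctl : NULL;
    msg.msg_controllen = ctl_len;
    return sendmsg(s, &msg, 0);
}

int main(void)
{
    struct sockaddr_in a;
    int s = socket(AF_INET, SOCK_DGRAM, 0);
    memset(&a, 0, sizeof(a));
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_ANY);
    a.sin_port = htons(5353);          /* constructed demo port, not DNS's 53 */
    if (s < 0 || enable_dstaddr_cmsg(s) < 0 || bind(s, (struct sockaddr *)&a, sizeof(a)) < 0) {
        perror("setup");
        return 1;
    }
    for (;;)                           /* try: echo hi | nc -u 127.0.0.1 5353 */
        serve_once(s);
}
```

Without the ancillary data, the fallback sendto() path lets the kernel choose the reply's source address from the routing table, which for diverted traffic is generally not the address the client sent to, so the client discards the reply; the cmsg round trip is what closes that gap.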
Unbound is a validating, recursive, caching DNS resolver. It is designed to be
fast and lean and incorporates modern features based on open standards. If you
have any feedback, we would love to hear from you. Don’t hesitate to
create an issue on Github
or post a message on the Unbound mailing list.
You can learn more about Unbound by reading our
documentation.
Compiling
Make sure you have the C toolchain, OpenSSL and its include files, and libexpat
installed. Unbound can be compiled and installed using:
./configure && make && make install
You can optionally use libevent. libevent is useful when using many (10000)
outgoing ports. By default, at most 256 ports are opened at the same time, and
the built-in alternative is equally capable and a little faster.
Use the --with-libevent=dir configure option to compile Unbound with libevent
support.
Unbound configuration
All of Unbound's configuration options are described in the man pages, which
will be installed and are available on the Unbound
documentation page.