Skip to main content

DNS: Recursive DNS

Option 1: Unbound

$ apt install unbound

Recursive DNS can sometimes sacrifice speed for security so the unbound server is going to be limited to only serve DNS requests from loopback addresses. Everyone else will have to go through a DNS caching server (dnsmasq) that I'll setup later to perform DNS queries.

# /etc/unbound/unbound.conf.d/local.conf
+ server:
+ 	interface: 127.0.0.1
+ 	interface: ::1
+ 	access-control: 127.0.0.1 allow
+ 	access-control: ::1 allow
$ systemctl restart unbound

Option 2: Public Recursive Name Server

I don't have to do anything since dnsmasq will be setup to query a public recursive DNS server like Cloudflare's 1.1.1.1 and 1.0.0.1.