DNS: Recursive DNS
Option 1: Unbound
$ apt install unbound
Recursive DNS can sometimes sacrifice speed for security so the unbound server is going to be limited to only serve DNS requests from loopback addresses. Everyone else will have to go through a DNS caching server (dnsmasq) that I'll setup later to perform DNS queries.
# /etc/unbound/unbound.conf.d/local.conf
+ server:
+ interface: 127.0.0.1
+ interface: ::1
+ access-control: 127.0.0.1 allow
+ access-control: ::1 allow
$ systemctl restart unbound
Option 2: Public Recursive Name Server
I don't have to do anything since dnsmasq will be setup to query a public recursive DNS server like Cloudflare's 1.1.1.1 and 1.0.0.1.
No Comments