Install and run simple Unbound Server on RHEL 8

Unbound is a DNS server that is considered as the optimal choice for small labs and environments. Here we will know how to install and use Unbound DNS server on RHEL 8 machine.

Lab configuration:

1. Server

• IP address 192.168.1.4

1. Desktop

• IPv4 address: 192.168.1.5
• IPv4 DNS: 192.168.1.4

Server Configuration:

• Make sure that the dnsmasq service is not running or any other service that might be using port number 53. Otherwise, you will need to configure the unbound server to use another port
• systemctl status dnsmasq.service
• systemctl disable --now dnsmasq.service
• netstat -pntlu | grep 53
• Install the unbound package 
• yum install unbound
• yum enable --now unbound
• Configure the unbound server
• vi /etc/unbound/unbound.conf
• Uncomment the interface lines for IPv4 and IPv6 to allow the DNS server to receive DNS requests on all interfaces 
• interface 0.0.0.0
• interface ::0

• Uncomment access-control to allow all networks that are allowed to send our DNS server requests
• access-control: 127.0.0.1/8 allow
• access-control: 192.168.1.0/24 allow
• access-control: 172.20.10.0/28 allow
• Add a forward-zone to define where these request can be forwarded to resolve the names
• forward-zone:
• name: "."
• forward-addr: 1.1.1.1
• forward-addr: 8.8.8.8
• Uncomment the domain-insecure and add the local domains that do not have keys for validation
• domain-insecure: "tshoot.com"
• Restart the unbound service 
• systemctl restart unbound
• systemctl status -l unbound
• Add the dns service to the allowed services in the firewall
• firewall-cmd --add-service=dns --permanent
• firewall-cmd --reload

Client check:

• host google.com

Troubleshooting:

• If you receive the error "Can't bind socket: Address 0.0.0.0 is already in use, make sure that no other services are using the port 53