konfigurasi unbound untuk DNS resolve

Diskusi tentang Ubuntu Server baik webserver, database server, samba server dan service lainnya serta jaringan menggunakan Sistem Operasi Ubuntu.
User avatar
sipelaut
Posts: 1963
Joined: 03 Jan 2010, 17:25
Location: madura-sampang
Contact:

konfigurasi unbound untuk DNS resolve

Postby sipelaut » 09 Mar 2012, 08:14

salam
broo.. saya lagi makek unbound untuk DNS resolve
lumayan rada cepet untuk ngeload suatu websites
tapi kok untuk facebook malah gak bisa kebuka yaa..
bisa kasih tau caranya gak.. apa ada yang salah dengan konfigurasi saya\
wassalam
ini konfigurasi saya
saya ambil dari beberapa artikel
maklum lagi nyoba2
konfigurasi unbound
server:
verbosity: 1
statistics-interval: 120
num-threads: 1
interface: 0.0.0.0

outgoing-range: 512
num-queries-per-thread: 1024

msg-cache-size: 16m
rrset-cache-size: 32m

msg-cache-slabs: 4
rrset-cache-slabs: 4

cache-max-ttl: 86400
infra-host-ttl: 60
infra-lame-ttl: 120

infra-cache-numhosts: 10000
infra-cache-lame-size: 10k

do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
do-daemonize: yes

#access-control: 0.0.0.0/0 allow
access-control: 192.168.0.0/16 allow
access-control: 192.168.10.0/24 allow
access-control: 192.168.11.0/24 allow
access-control: 172.16.0.0/12 allow
access-control: 10.0.0.0/8 allow
infra-cache-numhosts: 10000
infra-cache-lame-size: 10k

do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
do-daemonize: yes

#access-control: 0.0.0.0/0 allow
access-control: 192.168.0.0/16 allow
access-control: 192.168.10.0/24 allow
access-control: 192.168.11.0/24 allow
access-control: 172.16.0.0/12 allow
access-control: 10.0.0.0/8 allow
access-control: 127.0.0.0/8 allow
access-control: 0.0.0.0/0 refuse

chroot: "/etc/unbound"
username: "unbound"
directory: "/etc/unbound"
#logfile: "/etc/unbound/unbound.log"
#use-syslog: yes
logfile: ""
use-syslog: no
pidfile: "/etc/unbound/unbound.pid"
root-hints: "/etc/unbound/named.cache"

identity: "DNS"
version: "1.4"
hide-identity: yes
hide-version: yes
harden-glue: yes
chroot: "/etc/unbound"
username: "unbound"
directory: "/etc/unbound"
#logfile: "/etc/unbound/unbound.log"
#use-syslog: yes
logfile: ""
use-syslog: no
pidfile: "/etc/unbound/unbound.pid"
root-hints: "/etc/unbound/named.cache"

identity: "DNS"
version: "1.4"
hide-identity: yes
hide-version: yes
harden-glue: yes
do-not-query-address: 127.0.0.1/8
do-not-query-localhost: yes
module-config: "iterator"

#zone localhost
local-zone: "localhost." static
local-data: "localhost. 10800 IN NS localhost."
local-data: "localhost. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800"
local-data: "localhost. 10800 IN A 127.0.0.1"

local-zone: "127.in-addr.arpa." static
local-data: "127.in-addr.arpa. 10800 IN NS localhost."
local-data: "127.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 2 3600 1200 604800 10800"
local-data: "1.0.0.127.in-addr.arpa. 10800 IN PTR localhost."

#zone umum.net
local-zone: "umum.net." static
local-data: "umum.net. 86400 IN NS ns1.umum.net."
local-data: "umum.net. 86400 IN SOA umum.net. hostmaster.umum.net. 3 3600 1200 604800 86400"
local-data: "umum.net. 86400 IN A 192.168.10.1"
local-data: "umum.net. 86400 IN A 192.168.10.1"
local-data: "umum.net. 86400 IN A 192.168.10.1"
local-data: "mail.umum.net. 86400 IN A 192.168.10.1"
local-data: "umum.net. 86400 IN MX 10 mail.umum.net."
local-data: "umum.net. 86400 IN TXT v=spf1 a mx ~all"
local-zone: "10.168.192.in-addr.arpa." static
local-data: "10.168.192.in-addr.arpa. 10800 IN NS umum.net."
local-data: "10.168.192.in-addr.arpa. 10800 IN SOA umum.net. hostmaster.umum.net. 4 3600 1200 604800 864000"
local-data: "10.168.192.in-addr.arpa. 10800 IN PTR umum.net."

forward-zone:
name: "."
forward-addr: 192.168.10.1
forward-addr: 202.134.1.10
forward-addr: 125.160.4.82
forward-addr: 125.160.2.34
forward-addr: 202.134.0.155
# forward-addr: 203.130.196.155
# forward-addr: 202.134.0.61
# forward-addr: 180.131.144.144
# forward-addr: 180.131.145.145
# forward-addr: 208.67.222.222
# forward-addr: 208.67.220.220
# forward-addr: 222.124.198.150
# forward-addr: 222.124.249.115
forward-addr: 8.8.8.8
forward-addr: 8.8.4.4

remote-control:
control-enable: yes
control-interface: 127.0.0.1
control-port: 953
server-key-file: "/etc/unbound/unbound_server.key"
server-cert-file: "/etc/unbound/unbound_server.pem"
control-key-file: "/etc/unbound/unbound_control.key"
control-cert-file: "/etc/unbound/unbound_control.pem"


============
update
============
sekarang malah gak bisa buka google hee......
tidak bisa serching nehh...
anulis postingan in aja sampek harus F5 terus baru bisa masuk...
apa kudu di remove ya unbound nyaaa
kyaknya lebih stabil bind nehhh
Last edited by sipelaut on 27 Feb 2016, 19:47, edited 1 time in total.
Reason: update satus :)
User avatar
MasDjo
Posts: 1260
Joined: 03 Jan 2010, 17:38
Location: Bayuangga City
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby MasDjo » 09 Mar 2012, 08:26

forward-addr 192.168.10.1 dihilangkan saja masbro ...CMIIW :)
User avatar
sipelaut
Posts: 1963
Joined: 03 Jan 2010, 17:25
Location: madura-sampang
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby sipelaut » 09 Mar 2012, 08:28

MasDjo wrote:forward-addr 192.168.10.1 dihilangkan saja masbro ...CMIIW :)

sudah mabro...
saya udah matiin untuk yang lokal...
sampek saya coba satu-satu semua DNS nya...

---
apakah ada yang harus saya ubah di konfigurasi squidnyaaa mabro....
Last edited by sipelaut on 27 Feb 2016, 19:47, edited 1 time in total.
Reason: squid konfig
User avatar
MasDjo
Posts: 1260
Joined: 03 Jan 2010, 17:38
Location: Bayuangga City
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby MasDjo » 09 Mar 2012, 08:33

Kayaknya kok gak ada hubungannya sama unbound, mungkin hubungannya dg proxy/squid
User avatar
sipelaut
Posts: 1963
Joined: 03 Jan 2010, 17:25
Location: madura-sampang
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby sipelaut » 09 Mar 2012, 08:36

tapi sebelumnya ane makek bind dan gak papa tuchh broo..
setelah ku remove bind nya lalu install unbound malah trouble...
User avatar
MasDjo
Posts: 1260
Joined: 03 Jan 2010, 17:38
Location: Bayuangga City
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby MasDjo » 09 Mar 2012, 08:37

Tampilkan
local-zone: "10.168.192.in-addr.arpa." static
local-data: "10.168.192.in-addr.arpa. 10800 IN NS umum.net."
local-data: "10.168.192.in-addr.arpa. 10800 IN SOA umum.net. hostmaster.umum.net. 4 3600 1200 604800 864000"
local-data: "10.168.192.in-addr.arpa. 10800 IN PTR umum.net."

harusnya
Tampilkan

Code: Select all

local-zone: "10.168.192.in-addr.arpa." static
local-data: "1.10.168.192.in-addr.arpa. 10800 IN NS umum.net."
local-data: "1.10.168.192.in-addr.arpa. 10800 IN SOA umum.net. hostmaster.umum.net. 4 3600 1200 604800 864000"
local-data: "1.10.168.192.in-addr.arpa. 10800 IN PTR umum.net."


jangan lupa restart servis unbound nya :
sudo service unbound restart
User avatar
sipelaut
Posts: 1963
Joined: 03 Jan 2010, 17:25
Location: madura-sampang
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby sipelaut » 09 Mar 2012, 08:40

oke broo saya cobanya dulu....
User avatar
sipelaut
Posts: 1963
Joined: 03 Jan 2010, 17:25
Location: madura-sampang
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby sipelaut » 09 Mar 2012, 08:46

waduhhh ini apaan yaaa...
kok muncul kayak ginian... ???? :crazy:

Code: Select all

root@proxy:/etc/unbound# service unbound restart
 * Restarting recursive DNS server unbound
[1331258633] unbound[2764:0] warning: did not exit gracefully last time (1804)
[ OK ]
root@proxy:/etc/unbound# /etc/init.d/unbound restart
 * Restarting recursive DNS server unbound
[1331258645] unbound[2777:0] warning: did not exit gracefully last time (2765)
[ OK ]
User avatar
MasDjo
Posts: 1260
Joined: 03 Jan 2010, 17:38
Location: Bayuangga City
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby MasDjo » 09 Mar 2012, 08:54

Hehehe..lha memang harusnya gitu masbro :grin:

coba dig ke facebook.com

Code: Select all

dig facebook.com

kalo sudah muncul 'answer' noerror dari server dg nomor2 ip + ns facebook, berarti sudah jalan tuh unboundnya ...CMIIW
User avatar
sipelaut
Posts: 1963
Joined: 03 Jan 2010, 17:25
Location: madura-sampang
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby sipelaut » 09 Mar 2012, 09:02

wakakakakkakakakk....
maklum broo nubie.... muccul nitifikasi kek gitu bikin puanikkk
hee...... "did not exit" ini nichh yang bikin galau n risau

oke....
aku coba dig facebook.com
hasilnya

Code: Select all

root@proxy:/etc/unbound# dig facebook.com

; <<>> DiG 9.7.0-P1 <<>> facebook.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56452
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;facebook.com.         IN   A

;; ANSWER SECTION:
facebook.com.      86400   IN   A   69.171.229.11

;; Query time: 100 msec
;; SERVER: 192.168.20.1#53(192.168.20.1)
;; WHEN: Thu Mar  8 21:18:05 2012
;; MSG SIZE  rcvd: 46

fiuhh.... gila apakah memang query nya sampek 100 msec
keknya klo bind ake dig 2 kali hasil yang terakhir pasti 1 msec
ini sampek 100 apakah memang begitu masbro...
wahh.....
User avatar
MasDjo
Posts: 1260
Joined: 03 Jan 2010, 17:38
Location: Bayuangga City
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby MasDjo » 09 Mar 2012, 09:39

mestinya kalo yg ke 2 sudah bisa lebih cepat, contoh di saya :
dig pertama
Tampilkan

Code: Select all

dig facebook.com

; <<>> DiG 9.7.0-P1 <<>> facebook.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58907
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;facebook.com.         IN   A

;; ANSWER SECTION:
facebook.com.      5356   IN   A   69.171.229.11
facebook.com.      5356   IN   A   66.220.149.11
facebook.com.      5356   IN   A   69.171.224.11

;; Query time: 53 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Fri Mar  9 09:53:13 2012
;; MSG SIZE  rcvd: 78

dig ke 2
Tampilkan

Code: Select all

dig facebook.com

; <<>> DiG 9.7.0-P1 <<>> facebook.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36255
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;facebook.com.         IN   A

;; ANSWER SECTION:
facebook.com.      5298   IN   A   69.171.229.11
facebook.com.      5298   IN   A   66.220.149.11
facebook.com.      5298   IN   A   69.171.224.11

;; Query time: 0 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Fri Mar  9 09:54:11 2012
;; MSG SIZE  rcvd: 78
User avatar
sipelaut
Posts: 1963
Joined: 03 Jan 2010, 17:25
Location: madura-sampang
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby sipelaut » 09 Mar 2012, 09:47

ada yang salahkan dengan unbound saya
tidak bisa mencapai dibawah 1 mesc
User avatar
sipelaut
Posts: 1963
Joined: 03 Jan 2010, 17:25
Location: madura-sampang
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby sipelaut » 09 Mar 2012, 09:56

kyaknya ane nyerah aja masbro...
butuh waktu nichh buat nyelesaiin :crazy:
orang2 kantor udah pada teriakk.. semua..
ntah mau kerja apa mau FB tuchhh...
wakakakak....... :grin: :grin: :grin: :grin:

ane balik lagi ke bind9
User avatar
MasDjo
Posts: 1260
Joined: 03 Jan 2010, 17:38
Location: Bayuangga City
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby MasDjo » 09 Mar 2012, 10:23

chroot: "/etc/unbound"
username: "unbound"
directory: "/etc/unbound"
#logfile: "/etc/unbound/unbound.log"
#use-syslog: yes
logfile: ""
use-syslog: no
pidfile: "/etc/unbound/unbound.pid"
root-hints: "/etc/unbound/named.cache"

identity: "DNS"
version: "1.4"
hide-identity: yes
hide-version: yes
harden-glue: yes
chroot: "/etc/unbound"
username: "unbound"
directory: "/etc/unbound"
#logfile: "/etc/unbound/unbound.log"
#use-syslog: yes
logfile: ""
use-syslog: no
pidfile: "/etc/unbound/unbound.pid"
root-hints: "/etc/unbound/named.cache"


identity: "DNS"
version: "1.4"
hide-identity: yes
hide-version: yes
harden-glue: yes
do-not-query-address: 127.0.0.1/8
do-not-query-localhost: yes
module-config: "iterator"

kok dobel-dobel masbro ???
harusnya :

Code: Select all

chroot: "/etc/unbound"
username: "unbound"
directory: "/etc/unbound"
#logfile: "/etc/unbound/unbound.log"
#use-syslog: yes
logfile: ""
use-syslog: no
pidfile: "/etc/unbound/unbound.pid"
root-hints: "/etc/unbound/named.cache"

identity: "DNS"
version: "1.4"
hide-identity: yes
hide-version: yes
harden-glue: yes
do-not-query-address: 127.0.0.1/8
do-not-query-localhost: yes
module-config: "iterator"


Juga disini
#zone umum.net
local-zone: "umum.net." static
local-data: "umum.net. 86400 IN NS ns1.umum.net."
local-data: "umum.net. 86400 IN SOA umum.net. hostmaster.umum.net. 3 3600 1200 604800 86400"
local-data: "umum.net. 86400 IN A 192.168.10.1"
local-data: "umum.net. 86400 IN A 192.168.10.1"
local-data: "umum.net. 86400 IN A 192.168.10.1"

local-data: "mail.umum.net. 86400 IN A 192.168.10.1"
local-data: "umum.net. 86400 IN MX 10 mail.umum.net."
local-data: "umum.net. 86400 IN TXT v=spf1 a mx ~all"
local-zone: "10.168.192.in-addr.arpa." static
local-data: "10.168.192.in-addr.arpa. 10800 IN NS umum.net."
local-data: "10.168.192.in-addr.arpa. 10800 IN SOA umum.net. hostmaster.umum.net. 4 3600 1200 604800 864000"
local-data: "10.168.192.in-addr.arpa. 10800 IN PTR umum.net."

harusnya :

Code: Select all

#zone umum.net
local-zone: "umum.net." static
local-data: "umum.net. 86400 IN NS ns1.umum.net."
local-data: "umum.net. 86400 IN SOA umum.net. hostmaster.umum.net. 3 3600 1200 604800 86400"
local-data: "umum.net. 86400 IN A 192.168.10.1"
local-data: "mail.umum.net. 86400 IN A 192.168.10.1"
local-data: "umum.net. 86400 IN MX 10 mail.umum.net."
local-data: "umum.net. 86400 IN TXT v=spf1 a mx ~all"
local-zone: "10.168.192.in-addr.arpa." static
local-data: "10.168.192.in-addr.arpa. 10800 IN NS umum.net."
local-data: "10.168.192.in-addr.arpa. 10800 IN SOA umum.net. hostmaster.umum.net. 4 3600 1200 604800 864000"
local-data: "10.168.192.in-addr.arpa. 10800 IN PTR umum.net."
User avatar
yudiarbi
Posts: 627
Joined: 22 Mar 2011, 09:31
Location: Probolinggo, Jawa Timur
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby yudiarbi » 09 Mar 2012, 14:55

coba tak revisi dikit bos---- :D
Tampilkan
server:
verbosity: 1
statistics-interval: 120
num-threads: 2
interfaces : 192.168.10.0 # sesuaikan ip lan/eth1, untk ethyg lain tinggal ditambahkan di bawah sebelum 127.0.0.1
interface: 127.0.0.1

#untuk dual core dan lainya rumusnya 1024/cores - 50
outgoing-range: 512
num-queries-per-thread: 1024
so-rcvbuf: 4m

#gunakan 1/10 dari memory misal memory 512 mb
msg-cache-size: 50m
rrset-cache-size: 100m

msg-cache-slabs: 4
rrset-cache-slabs: 4
infra-cache-slabs: 4
key-cache-slabs: 4

cache-max-ttl: 86400
infra-host-ttl: 900
infra-lame-ttl: 900

infra-cache-numhosts: 10000
infra-cache-lame-size: 10k
key-cache-size: 4m

do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
do-daemonize: yes

#access-control: 0.0.0.0/0 allow
access-control: 0.0.0.0/0 refuse
access-control: 192.168.0.0/16 allow
access-control: 192.168.10.0/24 allow
access-control: 192.168.11.0/24 allow
access-control: 172.16.0.0/12 allow
access-control: 127.0.0.0/8 allow

chroot: "/etc/unbound"
username: "unbound"
directory: "/etc/unbound"
#logfile: "/etc/unbound/unbound.log"
#use-syslog: yes
logfile: ""
use-syslog: no
#pidfile: "/etc/unbound/unbound.pid"
root-hints: "/etc/unbound/named.cache"

identity: "DNS"
version: "1.4"
hide-identity: yes
hide-version: yes
harden-glue: yes
do-not-query-address:192.168.0.0/24 #masukin lannya / eth1
do-not-query-address: 127.0.0.1/8
do-not-query-localhost: yes
module-config: "iterator"

#zone localhost
local-zone: "localhost." static
local-data: "localhost. 10800 IN NS localhost."
local-data: "localhost. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800"
local-data: "localhost. 10800 IN A 127.0.0.1"

local-zone: "127.in-addr.arpa." static
local-data: "127.in-addr.arpa. 10800 IN NS localhost."
local-data: "127.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 2 3600 1200 604800 10800"
local-data: "1.0.0.127.in-addr.arpa. 10800 IN PTR localhost."

#zone umum.net
local-zone: "umum.net." static
local-data: "umum.net. 86400 IN NS ns1.umum.net."
local-data: "umum.net. 86400 IN SOA umum.net. hostmaster.umum.net. 3 3600 1200 604800 86400"
local-data: "umum.net. 86400 IN A 192.168.10.1"
local-data: "www.umum.net. 86400 IN A 192.168.10.1"
local-data: "ns1.umum.net. 86400 IN A 192.168.10.1"
local-data: "mail.umum.net. 86400 IN A 192.168.10.1"
local-data: "umum.net. 86400 IN MX 10 mail1.umum.net."
local-data: "umum.net. 86400 IN TXT v=spf1 a mx ~all"

local-zone: "168.192.in-addr.arpa." static
local-data: "168.192.in-addr.arpa. 10800 IN NS umum.net."
local-data: "168.192.in-addr.arpa. 10800 IN SOA umum.net. hostmaster.umum.net. 4 3600 1200 604800 864000"
local-data: "0.10.168.192.in-addr.arpa. 10800 IN PTR umum.net."


forward-zone:
name: "."
forward-addr: 192.168.10.1
forward-addr: 202.134.1.10
forward-addr: 125.160.4.82
forward-addr: 125.160.2.34
forward-addr: 202.134.0.155
# forward-addr: 203.130.196.155
# forward-addr: 202.134.0.61
# forward-addr: 180.131.144.144
# forward-addr: 180.131.145.145
# forward-addr: 208.67.222.222
# forward-addr: 208.67.220.220
# forward-addr: 222.124.198.150
# forward-addr: 222.124.249.115
forward-addr: 8.8.8.8
forward-addr: 8.8.4.4

remote-control:
control-enable: yes
control-interface:192.168.10.1 #lan / eth1 harus ada
control-interface: 127.0.0.1
control-port: 953
server-key-file: "/etc/unbound/unbound_server.key"
server-cert-file: "/etc/unbound/unbound_server.pem"
control-key-file: "/etc/unbound/unbound_control.key"
control-cert-file: "/etc/unbound/unbound_control.pem"

cek konfigurasi dengan :

Code: Select all

unbound-checkconf /etc/unbound/unbound.conf

jika keluarnya :

Code: Select all

unbound-checkconf: no errors in /etc/unbound/unbound.conf

tambahkan dns option pada file /etc/network/interfaces agar modem bisa mengarah ke localhost 127.0.0.1 di tengah2
antara eth0 dan eth1
restart network, restart unbound, cek dengan command dig misale
---->semoga bener, kalo salah ayo dibenerin lg.... :D
User avatar
sipelaut
Posts: 1963
Joined: 03 Jan 2010, 17:25
Location: madura-sampang
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby sipelaut » 10 Mar 2012, 12:25

oke... masbro.. @yudiarbi
aku stop dulu bind9 nya
soalnya kemarin lom sempat eksperimen... dikarenakan kantor lagi sibuk2nya :)
keknya hari ini ngopek unbound..
mudah2an kantor gak hujan :grin:
User avatar
tr4h21
Posts: 42
Joined: 18 Jul 2011, 16:22
Location: Semampir, Sukolilo, Surabaya, Jawa Timur
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby tr4h21 » 18 Apr 2012, 12:45

mas bro,. kok gan d lanjutkan sih :(
ijin praktek skalian say hello jika saya ada kendala ya mas bro,.
User avatar
sipelaut
Posts: 1963
Joined: 03 Jan 2010, 17:25
Location: madura-sampang
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby sipelaut » 19 Apr 2012, 08:37

tr4h21 wrote:mas bro,. kok gan d lanjutkan sih :(
ijin praktek skalian say hello jika saya ada kendala ya mas bro,.

maaf masbrooo.. baru sempat mampir hari ini di postingan ane hee..
udah work lagi...
setelah ngikutin cara dari @masdjo dan bro @yudiarbi
ntah kesalahnnya dimana saya juga gak ngerti...
semua berjalan lancar setelah saya fress install lagi servernya (memang kedengarannya seperti pengecut... hee....,
but.. it's work for me....) dan saya pasang lagi unboundnya .. tapi kyaknya kesalahannya seperti yang diutarain oleh bro @masdjo
User avatar
tr4h21
Posts: 42
Joined: 18 Jul 2011, 16:22
Location: Semampir, Sukolilo, Surabaya, Jawa Timur
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby tr4h21 » 20 Apr 2012, 15:03

sipelaut wrote:maaf masbrooo.. baru sempat mampir hari ini di postingan ane hee..
udah work lagi...
setelah ngikutin cara dari @masdjo dan bro @yudiarbi
ntah kesalahnnya dimana saya juga gak ngerti...
semua berjalan lancar setelah saya fress install lagi servernya (memang kedengarannya seperti pengecut... hee....,
but.. it's work for me....) dan saya pasang lagi unboundnya .. tapi kyaknya kesalahannya seperti yang diutarain oleh bro @masdjo

OK dah ane coba satu2,.
moga2 kl ada masalah, tidak membuat aku mengkerut,. :D
User avatar
tr4h21
Posts: 42
Joined: 18 Jul 2011, 16:22
Location: Semampir, Sukolilo, Surabaya, Jawa Timur
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby tr4h21 » 30 Apr 2012, 14:27

mas bro mohon pencerahannya,.
yudiarbi wrote:tambahkan dns option pada file /etc/network/interfaces agar modem bisa mengarah ke localhost 127.0.0.1 di tengah2 antara eth0 dan eth1

sebelumnya setting interface saya pakai dhcp (TKP sawah [baca kantor])
agar bisa mengarah k 127.0.0.1 -> harus d ubah ke static [cmiiw]
yudiarbi wrote:restart network, restart unbound,....

restart network lancar,.
restart unbound muncul ini mas bro

Code: Select all

* Restarting recursive DNS server unbound
[1335769781] unbound[8016:0] warning: increased limit(open files) from 1024 to 1122
[1335769781] unbound[8016:0] error: can't bind socket: Cannot assign requested address
[1335769781] unbound[8016:0] fatal error: could not open ports

saya pakai ubuntu 10.04,. koneksi inet kantor (LAN),. berikut saya sertakan unbound.conf-nya
unbound.conf
server:
verbosity: 1
statistics-interval: 120
num-threads: 2
interface: 202.***.***.*** #sesuaikan ip lan/eth1, untk eth yg lain tinggal ditambahkan di bawah sebelum 127.0.0.1
interface: 127.0.0.1

#untuk dual core dan lainya rumusnya 1024/cores - 50
outgoing-range: 512
num-queries-per-thread: 1024
so-rcvbuf: 4m

#gunakan 1/10 dari memory misal memory 512 mb
msg-cache-size: 50m
rrset-cache-size: 100m

msg-cache-slabs: 4
rrset-cache-slabs: 4
infra-cache-slabs: 4
key-cache-slabs: 4

cache-max-ttl: 86400
infra-host-ttl: 900
infra-lame-ttl: 900

infra-cache-numhosts: 10000
infra-cache-lame-size: 10k
key-cache-size: 4m

do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
do-daemonize: yes

access-control: 0.0.0.0/0 refuse
access-control: 127.0.0.0/8 allow

chroot: "/etc/unbound"
username: "unbound"
directory: "/etc/unbound"
#logfile: "/etc/unbound/unbound.log"
#use-syslog: yes
logfile: ""
use-syslog: no
#pidfile: "/etc/unbound/unbound.pid"
root-hints: "/etc/unbound/named.cache"

identity: "DNS"
version: 1.4
hide-identity: yes
hide-version: yes
harden-glue: yes
do-not-query-address: 202.***.***.*** #masukin lan-nya / eth1
do-not-query-address: 127.0.0.1/8
do-not-query-localhost: yes
module-config: "iterator"

#zone localhost
local-zone: "localhost." static
local-data: "localhost. 10800 IN NS localhost."
local-data: "localhost. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800"
local-data: "localhost. 10800 IN A 127.0.0.1"

local-zone: "127.in-addr.arpa." static
local-data: "127.in-addr.arpa. 10800 IN NS localhost."
local-data: "127.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 2 3600 1200 604800 10800"
local-data: "1.0.0.127.in-addr.arpa. 10800 IN PTR localhost."

forward-zone:
name: "."
forward-addr: 192.168.10.1
forward-addr: 202.134.1.10
forward-addr: 125.160.4.82
forward-addr: 125.160.2.34
forward-addr: 202.134.0.155
forward-addr: 8.8.8.8
forward-addr: 8.8.4.4

remote-control:
control-enable: yes
control-interface: 202.***.***.*** #lan / eth1 harus ada
control-interface: 127.0.0.1
control-port: 953
server-key-file: "/etc/unbound/unbound_server.key"
server-cert-file: "/etc/unbound/unbound_server.pem"
control-key-file: "/etc/unbound/unbound_control.key"
control-cert-file: "/etc/unbound/unbound_control.pem"

sebelumnya saya haturkan terima kasih,.

Return to “Ubuntu Server”

Who is online

Users browsing this forum: No registered users and 2 guests