konfigurasi unbound untuk DNS resolve

Diskusi tentang Ubuntu Server baik webserver, database server, samba server dan service lainnya serta jaringan menggunakan Sistem Operasi Ubuntu.
User avatar
sipelaut
Posts: 1963
Joined: 03 Jan 2010, 17:25
Location: madura-sampang
Contact:

konfigurasi unbound untuk DNS resolve

Postby sipelaut » 09 Mar 2012, 08:14

salam
broo.. saya lagi makek unbound untuk DNS resolve
lumayan rada cepet untuk ngeload suatu websites
tapi kok untuk facebook malah gak bisa kebuka yaa..
bisa kasih tau caranya gak.. apa ada yang salah dengan konfigurasi saya\
wassalam
ini konfigurasi saya
saya ambil dari beberapa artikel
maklum lagi nyoba2
konfigurasi unbound
server:
verbosity: 1
statistics-interval: 120
num-threads: 1
interface: 0.0.0.0

outgoing-range: 512
num-queries-per-thread: 1024

msg-cache-size: 16m
rrset-cache-size: 32m

msg-cache-slabs: 4
rrset-cache-slabs: 4

cache-max-ttl: 86400
infra-host-ttl: 60
infra-lame-ttl: 120

infra-cache-numhosts: 10000
infra-cache-lame-size: 10k

do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
do-daemonize: yes

#access-control: 0.0.0.0/0 allow
access-control: 192.168.0.0/16 allow
access-control: 192.168.10.0/24 allow
access-control: 192.168.11.0/24 allow
access-control: 172.16.0.0/12 allow
access-control: 10.0.0.0/8 allow
infra-cache-numhosts: 10000
infra-cache-lame-size: 10k

do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
do-daemonize: yes

#access-control: 0.0.0.0/0 allow
access-control: 192.168.0.0/16 allow
access-control: 192.168.10.0/24 allow
access-control: 192.168.11.0/24 allow
access-control: 172.16.0.0/12 allow
access-control: 10.0.0.0/8 allow
access-control: 127.0.0.0/8 allow
access-control: 0.0.0.0/0 refuse

chroot: "/etc/unbound"
username: "unbound"
directory: "/etc/unbound"
#logfile: "/etc/unbound/unbound.log"
#use-syslog: yes
logfile: ""
use-syslog: no
pidfile: "/etc/unbound/unbound.pid"
root-hints: "/etc/unbound/named.cache"

identity: "DNS"
version: "1.4"
hide-identity: yes
hide-version: yes
harden-glue: yes
chroot: "/etc/unbound"
username: "unbound"
directory: "/etc/unbound"
#logfile: "/etc/unbound/unbound.log"
#use-syslog: yes
logfile: ""
use-syslog: no
pidfile: "/etc/unbound/unbound.pid"
root-hints: "/etc/unbound/named.cache"

identity: "DNS"
version: "1.4"
hide-identity: yes
hide-version: yes
harden-glue: yes
do-not-query-address: 127.0.0.1/8
do-not-query-localhost: yes
module-config: "iterator"

#zone localhost
local-zone: "localhost." static
local-data: "localhost. 10800 IN NS localhost."
local-data: "localhost. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800"
local-data: "localhost. 10800 IN A 127.0.0.1"

local-zone: "127.in-addr.arpa." static
local-data: "127.in-addr.arpa. 10800 IN NS localhost."
local-data: "127.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 2 3600 1200 604800 10800"
local-data: "1.0.0.127.in-addr.arpa. 10800 IN PTR localhost."

#zone umum.net
local-zone: "umum.net." static
local-data: "umum.net. 86400 IN NS ns1.umum.net."
local-data: "umum.net. 86400 IN SOA umum.net. hostmaster.umum.net. 3 3600 1200 604800 86400"
local-data: "umum.net. 86400 IN A 192.168.10.1"
local-data: "umum.net. 86400 IN A 192.168.10.1"
local-data: "umum.net. 86400 IN A 192.168.10.1"
local-data: "mail.umum.net. 86400 IN A 192.168.10.1"
local-data: "umum.net. 86400 IN MX 10 mail.umum.net."
local-data: "umum.net. 86400 IN TXT v=spf1 a mx ~all"
local-zone: "10.168.192.in-addr.arpa." static
local-data: "10.168.192.in-addr.arpa. 10800 IN NS umum.net."
local-data: "10.168.192.in-addr.arpa. 10800 IN SOA umum.net. hostmaster.umum.net. 4 3600 1200 604800 864000"
local-data: "10.168.192.in-addr.arpa. 10800 IN PTR umum.net."

forward-zone:
name: "."
forward-addr: 192.168.10.1
forward-addr: 202.134.1.10
forward-addr: 125.160.4.82
forward-addr: 125.160.2.34
forward-addr: 202.134.0.155
# forward-addr: 203.130.196.155
# forward-addr: 202.134.0.61
# forward-addr: 180.131.144.144
# forward-addr: 180.131.145.145
# forward-addr: 208.67.222.222
# forward-addr: 208.67.220.220
# forward-addr: 222.124.198.150
# forward-addr: 222.124.249.115
forward-addr: 8.8.8.8
forward-addr: 8.8.4.4

remote-control:
control-enable: yes
control-interface: 127.0.0.1
control-port: 953
server-key-file: "/etc/unbound/unbound_server.key"
server-cert-file: "/etc/unbound/unbound_server.pem"
control-key-file: "/etc/unbound/unbound_control.key"
control-cert-file: "/etc/unbound/unbound_control.pem"


============
update
============
sekarang malah gak bisa buka google hee......
tidak bisa serching nehh...
anulis postingan in aja sampek harus F5 terus baru bisa masuk...
apa kudu di remove ya unbound nyaaa
kyaknya lebih stabil bind nehhh
Last edited by sipelaut on 27 Feb 2016, 19:47, edited 1 time in total.
Reason: update satus :)
User avatar
MasDjo
Posts: 1260
Joined: 03 Jan 2010, 17:38
Location: Bayuangga City
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby MasDjo » 09 Mar 2012, 08:26

forward-addr 192.168.10.1 dihilangkan saja masbro ...CMIIW :)
User avatar
sipelaut
Posts: 1963
Joined: 03 Jan 2010, 17:25
Location: madura-sampang
Contact:

Re: konfigurasi unbound untuk DNS resolve

Postby sipelaut » 09 Mar 2012, 08:28

[quote=MasDjo]forward-addr 192.168.10.1 dihilangkan saja masbro ...CMIIW :)

sudah mabro...
saya udah matiin untuk yang lokal...
sampek saya coba satu-satu semua DNS nya...

---
apakah ada yang harus saya ubah di konfigurasi squidnyaaa mabro....
Last edited by sipelaut on 27 Feb 2016, 19:47, edited 1 time in total.
Reason: squid konfig