Upload
harvestforme
View
225
Download
0
Embed Size (px)
Citation preview
7/27/2019 Unbound Windows Manual 00
1/13
Manual for Unbound on Windows
W.C.A. Wijngaards, NLnet Labs, March 2009
ntroduction
!his "anual ai"s to #ro$ide infor"ation about the Unboundser$er on the Windows #latfor". ncluded is installation,uninstallation and so"e infor"ation on configuration s#ecific forWindows. %ull details of o#erating a &N' resol$er are not #art of
this docu"ent, and can better be docu"ented in a #latfor" inde#endentdocu"ent.
What is Unbound and what is &N''(C
Unbound is a &N' resol$er. t su##orts $alidation, caching,and &N''(C. t su##orts N'(C and N'(C), #$* and #$+.Unbound is written for Uni -#osi "achines, and runs on%ree/'&, #en/'&, Net/'& and Linu -%edora, &ebian,Ubuntu, .... !his docu"ent is about the Windows $ersion.
!he ser$ice that unbound #ro$ides is that it #erfor"s &N' loo1u#s, and can#erfor" &N''(C $alidation on the result. f the result is bad, it is not
returned to the client -who sees a te"#orar error in na"e resolution.A##lications that su##ort &N''(C can as1 to see the $erification result.
&N''(C is a standard for securing the infor"ation in the &N'. 3our $alidatorneeds to ha$e #ublic 1es to chec1 the signatures on the data. &N''(C ise#lained "ore full on htt#455www.dnssec.net #ages.
!he unbound #ac1age for windows #ro$ides &N''(C $alidation 6 the clientthat $erifies the signatures #ublished b authoritati$e &N' ser$ers on theinternet.
nstallation
&ownload the installer fro" the htt#455unbound.net website. 7un the installer.n Windows 8ista ou ha$e to #ro$ide ad"inistrator #er"ission.
3ou are greeted with4
7/27/2019 Unbound Windows Manual 00
2/13
%irst the license is #resented. !his is the /'& license used b the source code.
2
7/27/2019 Unbound Windows Manual 00
3/13
!hen choose which co"#onents to install. !he "ain co"#onent cannot beunselected. !he &L8 o#tion downloads the #ublic 1e for dl$.isc.org so that itcan be used to #ro$ide #ublic 1es for &N''(C $alidation. f ou do not chec1this o#tion ou ha$e to add our own 1es for &N''(C $alidation to occur.Without #ublic 1es unbound #erfor"s regular non:secured &N' loo1u#s.
Choose the director to install into, the default is C4;
7/27/2019 Unbound Windows Manual 00
4/13
Choose if ou want shortcuts in the 'tart Menu. 'ee a later section of this"anual for a descri#tion of the shortcuts installed.
*
7/27/2019 Unbound Windows Manual 00
5/13
!he installation is #erfor"ed. f the &L8 1e cannot be downloaded, theinstallation is aborted, ou can hit Cancel to eit and atte"#t to install againonce the networ1 is wor1ing again.
!he installation is finished. Unbound is auto"aticall started for ou.
=
7/27/2019 Unbound Windows Manual 00
6/13
Allow unbound to access the networ1 when the windows firewall -or ourinstalled firewall as1s for #er"ission.
Uninstallationf ou installed start "enu shortcuts, run the uninstaller fro" the "enu.therwise, #ress the 7e"o$e button for Unbound in the Control
7/27/2019 Unbound Windows Manual 00
7/13
!he location is chec1ed4
>
7/27/2019 Unbound Windows Manual 00
8/13
%iles are re"o$ed and the uninstallation has been co"#leted.
Chec1 if it is running
#en the Control
7/27/2019 Unbound Windows Manual 00
9/13
!he detailed #ro#erties loo1 li1e this4
9
7/27/2019 Unbound Windows Manual 00
10/13
0
7/27/2019 Unbound Windows Manual 00
11/13
7eading the error log
#en the Control
7/27/2019 Unbound Windows Manual 00
12/13
Ad$anced 6 editing the config file
Unbound is configured with a config file. !he default config file is C4;
7/27/2019 Unbound Windows Manual 00
13/13
are "ade -in DELM;'oftware;Microsoft;Windows;Current8ersion; Uninstall;Unbound.
'etu# as Local 'er$er
!he default install results in unbound #erfor"ing ser$ice for localhost,running on 2>.0.0.. !his section e#lains how to set u# unbound to #ro$ideser$ice for the local networ1.
(dit the config file, see earlier section on how to edit it, and add the#er"issions to ser$e the local networ1. Add these lines4
# this is a comment.
# provide Ipv4 service.
interface: 0.0.0.0
# provide ipv6 service, uncomment on Vista or if ipv6 is available.
#interface: ::0
# allow access by the local network.
accesscontrol: !".!6$.0.0%!6 allow
# if you have Ipv6 enter your %64 as well and uncomment.
#accesscontrol: 00!:db$::%64 allow
3ou also ha$e to o#en the &N' #ort -#ort =) in the firewall for inco"ing U&