←back to thread

My Own DNS Server at Home – Part 1: IPv4

(jan.wildeboer.net)
220 points speckx | 2 comments | 05 Sep 25 19:08 UTC | HN request time: 0s | source
Show context
thedanbob ◴[05 Sep 25 21:05 UTC] No.45143600[source]
I set up authoritative nameservers at home using unbound, which appears to be considerably easier than configuring BIND, but I still can't say that I fully understand it. DNS (and networking in general) is a bit of a dark art.
replies(8): >>45144024 #>>45144179 #>>45144184 #>>45144578 #>>45144619 #>>45145306 #>>45146196 #>>45148030 #
daneel_w ◴[05 Sep 25 21:46 UTC] No.45144024[source]
Try NSD. Unlike unbound, NSD is the actual authoritative name server in the project.
replies(1): >>45144668 #
1. seiferteric ◴[05 Sep 25 22:57 UTC] No.45144668[source]
I’m setting up NSD for authoratative and Unbound for recursive layer at my company and they are a breeze to work with.
replies(1): >>45144954 #
2. DrPhish ◴[05 Sep 25 23:31 UTC] No.45144954[source]
I have this as well, but run a heavily locked down and isolated BIND server with NSD and Unbound for external authoritative and internal caching DNS respectively.

Its easy to feed an RBL to unbound to do pi-hole type work, I use pf to transparently redirect all external DNS requests to my local unbound server but I get the bind automation around things like DNSSEC, DHCP ddns and ACME cert renewals.

I'm surprised this isn't a more common stack.