← 返回命令列表

Linux command

unbound 命令

安全

权限或系统影响较大,执行前请核对目标。

常用示例

Start the unbound DNS server

sudo unbound

Start with a specific config file

sudo unbound -c [path/to/unbound.conf]

Start in foreground

sudo unbound -d

Start with verbose output

sudo unbound -v

Check configuration file

unbound-checkconf [path/to/unbound.conf]

Show version

unbound -V

说明

Unbound is a validating, recursive, and caching DNS resolver designed for security and performance. It performs DNS lookups on behalf of clients, validates responses using DNSSEC, and caches results to improve response times for subsequent queries. Unlike forwarding resolvers, Unbound is a full recursive resolver that can query root DNS servers directly, eliminating dependency on upstream DNS providers. It supports DNSSEC validation by default, verifying the authenticity of DNS responses to protect against cache poisoning and other DNS attacks. Configuration is done through /etc/unbound/unbound.conf, which controls listening interfaces, access control, DNSSEC settings, cache sizes, and performance tuning. Unbound can operate as a local resolver for a single machine or as a network-wide DNS server. Related utilities include unbound-control for runtime management, unbound-checkconf for configuration validation, unbound-anchor for DNSSEC root key management, and unbound-host for DNS lookups.

参数

-c _configfile_
Use the specified configuration file instead of /etc/unbound/unbound.conf.
-d
Debug mode. Do not fork into the background, stay in foreground.
-p
Do not use chroot or drop privileges.
-v
Increase verbosity level. Can be specified multiple times for more output.
-V
Show version information.
-h
Show help message.

FAQ

What is the unbound command used for?

Unbound is a validating, recursive, and caching DNS resolver designed for security and performance. It performs DNS lookups on behalf of clients, validates responses using DNSSEC, and caches results to improve response times for subsequent queries. Unlike forwarding resolvers, Unbound is a full recursive resolver that can query root DNS servers directly, eliminating dependency on upstream DNS providers. It supports DNSSEC validation by default, verifying the authenticity of DNS responses to protect against cache poisoning and other DNS attacks. Configuration is done through /etc/unbound/unbound.conf, which controls listening interfaces, access control, DNSSEC settings, cache sizes, and performance tuning. Unbound can operate as a local resolver for a single machine or as a network-wide DNS server. Related utilities include unbound-control for runtime management, unbound-checkconf for configuration validation, unbound-anchor for DNSSEC root key management, and unbound-host for DNS lookups.

How do I run a basic unbound example?

Run `sudo unbound` in a terminal, then adjust file names, paths, flags, or remote targets for your system.

What does -c _configfile_ do in unbound?

Use the specified configuration file instead of /etc/unbound/unbound.conf.