components/network/unbound/TESTING

   1 # enable forwarding to known DNS servers
   2 echo "forward-zone:\n\tname: \".\"" >> /etc/unbound/unbound.conf
   3 grep ^nameserver /etc/resolv.conf | gsed 's;nameserver;\tforward-addr:;' >> /etc/unbound/unbound.conf
   4
   5 # generate key for unbound-control
   6 unbound-control-setup
   7
   8 # enable unbound-control
   9 cat >> /etc/unbound/unbound.conf <<EOF
  10 remote-control:
  11     control-enable: yes
  12     server-key-file: "/etc/unbound/unbound_server.key"
  13     server-cert-file: "/etc/unbound/unbound_server.pem"
  14     control-key-file: "/etc/unbound/unbound_control.key"
  15     control-cert-file: "/etc/unbound/unbound_control.pem"
  16 EOF
  17
  18 # enable unbound service
  19 svcadm enable -s svc:/network/dns/server:unbound
  20
  21 # change resolver to localhost
  22 svccfg -s svc:/network/dns/client:default setprop config/nameserver = net_address: ::1
  23 svcadm refresh -s svc:/network/dns/client
  24 grep ^nameserver /etc/resolv.conf
  25
  26 # test unbound
  27 unbound-control status
  28
  29 dig -t a github.com
  30 unbound-control dump_cache | grep github
  31
  32 # Lookup name via Name Service switch, flush hosts first.
  33 /usr/sbin/nscd -i hosts
  34 /usr/bin/getent hosts github.com
  35