
Unbound – Your own DNS Server

If you have your own server to protect your privacy or to give you full control and ownership of your data and traffic, you probably already have your own DNS server. If not, this article is a must!


DNS servers play a key role on the internet. For those who are unfamiliar with this service: a website is hosted on a specific IP (static or dynamic) and, in short, needs a DNS server to map a URL to the corresponding IP. For example, the DNS Server will make sure when you type, you are redirected to the correct IP (

Most ISPs have their own DNS servers, and even Google provides two DNS servers for “free” ( and

The interest for the ISP is mainly to speed up access to webpages for its customers by having a robust DNS server within its own infrastructure, or actually to slow down some bandwidth-consuming websites (like YouTube or Netflix).

For Google, it is probably to better track which websites you visit and sell highly targeted advertisement. (rough guess xD)

And in some cases (Probably too often IMO), governments might even force your ISP to modify their DNS Server to block the connection to a website. (Like blocking ThePirateBay, etc…)

So, as you can understand, having your own DNS server is a critical step to take if you want more control over your traffic and data.

The most popular DNS server is surely Bind, but I personally find it too complicated to configure, and some OSes are starting to switch to other, less complicated solutions. That seems to be the case with FreeBSD 10, which recently moved to Unbound.


Unbound is an open-source (BSD license), secure, validating, recursive, and caching DNS server written in C. Most distributions ship Unbound binaries, which makes it very simple to install, and it has been written with a strong security focus. It supports IPv6, DNSSEC, a client resolver library API, and more. It also runs on many OSes, such as Windows, Linux, BSD-type systems and macOS.

For me, the main advantages of having my own DNS server are:

– Speed up the response time within my local network when accessing my server (no need to use an external DNS server that may go through different intermediaries)

– Improve my internet neutrality (I won’t suffer the censorship of my ISP, and I further protect my privacy)

– And although this might be against net neutrality, I can block most Google/Yahoo/etc. ads by blocking the IPs/subdomains sending them. (Well, at least I’m free to do it)

So here we go.


Unbound DNS Server comes with the majority of Linux distributions. So the installation will be straightforward and I’ll share my configuration file that should work out of the box for you.


1) Install Unbound

As root (or with sudo), run:

2) Download the list of Root DNS Server

You will need to download and copy the official named.cache file from InterNIC (the Internet’s Network Information Center), which contains the information on the root name servers needed to initialize the cache of your DNS server.

Still as root, run:

3) Configure Unbound

Here is the config file I’m using, feel free to take it as it is. I’ve put some comments to explain some important features.

You can remove all (CTRL+K for example) and paste:

Save (CTRL +X), restart your unbound service

and you’re good to go.


4) Configure your client machines to directly use your local DNS Server

Now that you have a working DNS Server, you need to tell all your equipment to use your DNS Server. It obviously depends on the OS of your equipment, but it is usually straightforward. Note that you will probably have to restart your clients.

In my case, I’ve directly added my DNS Server into my Router, to make sure all my equipment use my own DNS Server!

If you want to make sure your Linux system is using your DNS server, you can check which DNS server you are using with the following command:


Note that you may have a slower experience on the first connection to a website, but it will improve drastically afterward, thanks to your local cache.
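
For step 3, a minimal `unbound.conf` as an added example (not the author's own file): it keeps the resolver reachable only from the local network, validates DNSSEC and blocks one domain locally. The LAN range 192.168.1.0/24, the server address 192.168.1.10, the file paths and the blocked zone name are assumptions to adapt.

```conf
# Added example, not the author's configuration.
# Assumed: LAN 192.168.1.0/24, server at 192.168.1.10, Debian-style paths.
server:
    # Listen on loopback and the LAN address only, never on a public interface.
    interface: 127.0.0.1
    interface: 192.168.1.10
    port: 53
    do-ip4: yes
    do-ip6: no
    do-udp: yes
    do-tcp: yes

    # Default-deny, then allow only local clients. An "allow" for 0.0.0.0/0
    # would make this an open resolver that others can abuse for amplification.
    access-control: 0.0.0.0/0 refuse
    access-control: 127.0.0.0/8 allow
    access-control: 192.168.1.0/24 allow

    # Root name server list downloaded in step 2 (assumed location).
    root-hints: "/etc/unbound/root.hints"

    # DNSSEC validation; trust anchor file kept up to date by Unbound (assumed path).
    auto-trust-anchor-file: "/var/lib/unbound/root.key"
    harden-dnssec-stripped: yes
    harden-glue: yes

    # Do not answer id.server / version.server queries.
    hide-identity: yes
    hide-version: yes

    # Strip private addresses from answers for public names (DNS rebinding protection).
    private-address: 192.168.0.0/16
    private-address: 10.0.0.0/8
    private-address: 172.16.0.0/12

    # Refresh popular cache entries shortly before they expire.
    prefetch: yes

    # Block a domain and its subdomains: a "static" zone with no local-data
    # is answered locally (NXDOMAIN/NODATA) instead of being resolved.
    # "ads.example." is a placeholder name.
    local-zone: "ads.example." static
```

Running `unbound-checkconf` against the file before restarting the service catches syntax errors.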


If you want to know more about Unbound, I suggest you check this link (EN) and that one too (FR), which helped me write my own article.

5 thoughts on “Unbound – Your own DNS Server”

  1. Hello,
    first of all thank you for all the great tutorials you have here. I have to say many of them have been very useful to me! Really.

    I only have one question as I am not very versed in these things, I installed unbound on my raspberry pi and now I am stuck in the worst part. Using it 🙁

    In other words, now I do not know how to enable my mac to change its DNS to unbound. I know this might be a very stupid question but I would really appreciate your help.

    Thanks in advance!

    1. Hi Carlos,
      Once Unbound is configured and running, you can change your computer's DNS setting using your local IP (local network, I suppose).

      Me, I have directly configured my router to use my own Unbound server. That way, no need for further settings, and anyone connecting to my network will use my DNS server.

      Hope it helps

  2. Hello. Please, I am running a startup WISP and I wish to know how I can set up my own DNS such that when my users run a speed test for their internet it will display my startup name as ISP rather than my internet supplier. Thanks

  3. Hi Carlos, could you say if this method works on ArchLinux? I did it to the letter and started the service, and do not notice any changes. Thank you
