Christoph Kania braindump


DNS on your desk

19.10.2012 - Christoph Kania

Using a local DNS server could make your life faster

Sometimes you are in an environment where DNS requests will thwart you. In these moments a local DNS server is your friend.

A good choice is Unbound, a “validating, recursive, and caching DNS resolver” (for alternatives you might have a look at Wikipedia).

Under Mac OS X with Homebrew, just enter

$ brew install unbound

Then, as user root, create the relevant user and group:

$ dscl . -create /Groups/_unbound
$ dscl . -create /Groups/_unbound PrimaryGroupID 451
$ dscl . -create /Users/_unbound
$ dscl . -create /Users/_unbound RecordName _unbound unbound
$ dscl . -create /Users/_unbound RealName "Unbound Agent"
$ dscl . -create /Users/_unbound UniqueID 451
$ dscl . -create /Users/_unbound PrimaryGroupID 451
$ dscl . -create /Users/_unbound UserShell /usr/bin/false
$ dscl . -create /Users/_unbound Password '*'
$ dscl . -create /Groups/_unbound GroupMembership _unbound

To start Unbound at system startup, create the file /Library/LaunchDaemons/net.unbound.plist:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">

And finally:

$ launchctl load /Library/LaunchDaemons/net.unbound.plist

To use your local DNS as default (attention: I have not tested this):

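$ networksetup -listallnetworkservices | sed '1d' | \
	sed 's/\(.*\)/networksetup -setdnsservers "\1" 127.0.0.1/' | sh
$ networksetup -listallnetworkservices | sed '1d' | \
	sed 's/\(.*\)/networksetup -setsearchdomains "\1" your.search.domain/' | sh

(127.0.0.1 is the local resolver; your.search.domain is a placeholder for your own search domain.)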
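
One way to make the pipeline above easier to check before it touches the system, as an added example that is not part of the original post: it prints the networksetup commands for review instead of piping them into sh, skips disabled services (listed with a leading `*`), and shell-quotes each service name. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): build the networksetup
# commands as reviewable text instead of piping sed output straight into sh.

# Quote a string as one shell word: wrap it in single quotes and rewrite
# every embedded ' as '\'' so a service name cannot break out of the quoting.
shquote() {
    printf "'%s'\n" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Read `networksetup -listallnetworkservices` output on stdin and print one
# -setdnsservers command per enabled service. $1 = resolver (default 127.0.0.1).
gen_dns_commands() {
    resolver=${1:-127.0.0.1}
    case $resolver in
        ''|*[!0-9a-fA-F.:]*)        # allow only IPv4/IPv6 address characters
            echo "invalid resolver address: $resolver" >&2
            return 1 ;;
    esac
    sed '1d' | while IFS= read -r svc; do   # line 1 is the explanatory header
        case $svc in
            ''|\**) continue ;;     # skip blank lines and *disabled services
        esac
        printf 'networksetup -setdnsservers %s %s\n' "$(shquote "$svc")" "$resolver"
    done
}

# Constructed sample of the listing, including an awkward service name.
sample_services() {
    cat <<'EOF'
An asterisk (*) denotes that a network service is disabled.
Wi-Fi
*Bluetooth PAN
Bob's "USB" $(LAN)
EOF
}

# Dry run on the sample. On a Mac, review the real output the same way:
#   networksetup -listallnetworkservices | gen_dns_commands 127.0.0.1
sample_services | gen_dns_commands
```

Once the printed commands look right, append `| sh` as root to apply them.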

Consider using public DNS servers such as Google, hukl or others.