search

Proxy DNS on Arch Linux with `unbound` and `resolvectl`

Wed, May 21, 2025 02:00 CEST

Tags: Arch, DNS, Proxying, Forwarding, Network, Unbound, Systemd-Resolved

Configure your favorite DNS servers with unbound.

We assume you already have systemd-resolved set up.

Install unbound and expat

pacman -S unbound expat

Configure server#interface and server#access-control in /etc/unbound/unbound.conf.

Configure forward-zone:

forward-zone:
        name: "."
        forward-tls-upstream: yes
        forward-addr: 2001:910:800::12#ns0.fdn.fr
        forward-addr: 2001:910:800::40#ns1.fdn.fr
        forward-addr: 80.67.169.12#ns0.fdn.fr
        forward-addr: 80.67.169.40#ns1.fdn.fr

Enable and start unbound.service:

systemctl enable --now unbound

Configure systemd-resolved to forward DNS queries to unbound:

# /etc/systemd/resolved.conf
[Resolve]
# NOTE: Forward to unbound.
DNSStubListener=no
DNS=127.0.0.1#53
DNSOverTLS=no
Domains=~.

Restart systemd-resolved:

systemctl restart systemd-resolved

See also: