1. Package installation

FreeBSD ships unbound in the base system but the one in ports is usually following upstream more closely. Install the unbound package, backup your DNS configuration, and tell the system to use the local resolver:

# pkg install unbound
# cp /etc/resolv.conf /etc/resolv.conf.backup
# echo nameserver 127.0.0.1 > /etc/resolv.conf

2. Lock changes in

برای جلوگیری از اِعمال ناخواستهٔ تغییرات پیکربندی (برای مثال از سوی سرویس‌گیرنده DHCP):

# chflags schg /etc/resolv.conf

3. QNAME minimisation

The latest versions of unbound have qname-minimisation enabled by default. However, it is advisable to verify this setting, as older versions did not enable it automatically.

To check and configure it, open the unbound configuration file, located at /usr/local/etc/unbound/unbound.conf, look for the following entry and change it if necessary:

server:
    ...
    qname-minimisation: yes
    ...

If the setting is missing, it should still be enabled by default. تطبیق‌گر Unbound را که هم‌اکنون نصب کردید، اعتبارسنجی DNSSEC را نیز انجام می‌دهد.

4. Start the service

To enable and start the unbound service, run:

# sysrc unbound_enable=YES
# service unbound start