51 lines
1.4 KiB
Plaintext
51 lines
1.4 KiB
Plaintext
## Simple recursive caching DNS, UDP port 53
|
|
## unbound.conf -- https://calomel.org
|
|
#
|
|
server:
|
|
access-control: 10.0.0.0/8 allow
|
|
access-control: 127.0.0.0/8 allow
|
|
access-control: 192.168.0.0/16 allow
|
|
access-control: 0.0.0.0/0 allow
|
|
#aggressive-nsec: yes
|
|
cache-max-ttl: 14400
|
|
cache-min-ttl: 1200
|
|
do-ip4: yes
|
|
do-ip6: yes
|
|
do-udp: yes
|
|
do-tcp: yes
|
|
hide-identity: yes
|
|
hide-version: yes
|
|
interface-automatic: yes
|
|
prefetch: yes
|
|
root-hints: "etc/root.hints"
|
|
rrset-roundrobin: yes
|
|
so-reuseport: yes
|
|
tls-cert-bundle: "/usr/local/share/certs/ca-root-nss.crt"
|
|
use-caps-for-id: yes
|
|
verbosity: 0
|
|
include: "/etc/unbound/conf.d/ads.conf"
|
|
|
|
# Unbound from pkg built with libevent; increase threads and slabs to the
|
|
# number of real cpu cores to reduce lock contention. Increase cache size to
|
|
# store more records and allow each thread to serve an increased number of
|
|
# concurrent client requests.
|
|
# num-threads: 4
|
|
# msg-cache-slabs: 4
|
|
# rrset-cache-slabs: 4
|
|
# infra-cache-slabs: 4
|
|
# key-cache-slabs: 4
|
|
# msg-cache-size: 256M
|
|
# rrset-cache-size: 512M
|
|
# outgoing-range: 8192
|
|
# num-queries-per-thread: 4096
|
|
|
|
forward-zone:
|
|
name: "."
|
|
forward-tls-upstream: yes
|
|
forward-addr: 1.0.0.1@853#one.one.one.one
|
|
forward-addr: 1.1.1.1@853#one.one.one.one
|
|
forward-addr: 8.8.4.4@853#dns.google
|
|
forward-addr: 8.8.8.8@853#dns.google
|
|
forward-addr: 9.9.9.9@853#dns.quad9.net
|
|
forward-addr: 149.112.112.112@853#dns.quad9.net
|