2017-06-18 20:57:26 +02:00
|
|
|
server:
|
2017-06-18 20:57:54 +02:00
|
|
|
verbosity: 1
|
2017-06-18 20:57:26 +02:00
|
|
|
interface: 0.0.0.0
|
|
|
|
interface: ::0
|
2018-09-30 14:43:18 +02:00
|
|
|
logfile: /dev/console
|
2017-06-18 20:57:26 +02:00
|
|
|
do-ip4: yes
|
|
|
|
do-ip6: yes
|
|
|
|
do-udp: yes
|
|
|
|
do-tcp: yes
|
|
|
|
do-daemonize: no
|
2018-10-12 11:35:45 +02:00
|
|
|
#access-control: 0.0.0.0/0 allow
|
2018-01-24 08:36:37 +01:00
|
|
|
access-control: 10.0.0.0/8 allow
|
|
|
|
access-control: 172.16.0.0/12 allow
|
|
|
|
access-control: 192.168.0.0/16 allow
|
2018-02-01 13:37:50 +01:00
|
|
|
access-control: fc00::/7 allow
|
2018-01-24 08:36:37 +01:00
|
|
|
access-control: fe80::/10 allow
|
2018-10-12 11:35:45 +02:00
|
|
|
#access-control: ::0/0 allow
|
2017-06-18 20:57:26 +02:00
|
|
|
directory: "/etc/unbound"
|
|
|
|
username: unbound
|
|
|
|
auto-trust-anchor-file: trusted-key.key
|
2018-10-12 10:56:17 +02:00
|
|
|
#private-address: 10.0.0.0/8
|
|
|
|
#private-address: 172.16.0.0/12
|
|
|
|
#private-address: 192.168.0.0/16
|
|
|
|
#private-address: 169.254.0.0/16
|
|
|
|
#private-address: fc00::/7
|
|
|
|
#private-address: fe80::/10
|
2018-10-16 20:14:14 +02:00
|
|
|
# cache-min-ttl needs to be less or equal to cache-max-negative-ttl
|
|
|
|
cache-min-ttl: 5
|
|
|
|
cache-max-negative-ttl: 60
|
2017-06-18 20:57:26 +02:00
|
|
|
root-hints: "/etc/unbound/root.hints"
|
|
|
|
hide-identity: yes
|
|
|
|
hide-version: yes
|
|
|
|
max-udp-size: 4096
|
|
|
|
msg-buffer-size: 65552
|
2019-07-13 09:22:03 +02:00
|
|
|
unwanted-reply-threshold: 10000
|
2019-11-26 21:08:47 +01:00
|
|
|
ipsecmod-enabled: no
|
2018-09-30 14:43:18 +02:00
|
|
|
|
|
|
|
remote-control:
|
2019-11-26 21:08:47 +01:00
|
|
|
control-enable: yes
|
|
|
|
control-interface: 127.0.0.1
|
|
|
|
control-port: 8953
|
|
|
|
server-key-file: "/etc/unbound/unbound_server.key"
|
|
|
|
server-cert-file: "/etc/unbound/unbound_server.pem"
|
|
|
|
control-key-file: "/etc/unbound/unbound_control.key"
|
|
|
|
control-cert-file: "/etc/unbound/unbound_control.pem"
|