Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ##########################
- # Unbound Configuration
- ##########################
- ##
- # Server configuration
- ##
- server:
- chroot: /var/unbound
- username: unbound
- directory: /var/unbound
- pidfile: /var/run/unbound.pid
- root-hints: /var/unbound/root.hints
- use-syslog: yes
- port: 53
- verbosity: 2
- extended-statistics: no
- log-queries: no
- hide-identity: yes
- hide-version: yes
- harden-referral-path: no
- do-ip4: yes
- do-ip6: yes
- do-udp: yes
- do-tcp: yes
- do-daemonize: yes
- module-config: "validator iterator"
- cache-max-ttl: 86400
- cache-min-ttl: 900
- harden-dnssec-stripped: no
- serve-expired: yes
- outgoing-num-tcp: 20
- incoming-num-tcp: 20
- num-queries-per-thread: 4096
- outgoing-range: 8192
- infra-host-ttl: 900
- infra-cache-numhosts: 50000
- unwanted-reply-threshold: 0
- jostle-timeout: 200
- msg-cache-size: 100m
- rrset-cache-size: 200m
- num-threads: 2
- msg-cache-slabs: 4
- rrset-cache-slabs: 4
- infra-cache-slabs: 4
- key-cache-slabs: 4
- auto-trust-anchor-file: /var/unbound/root.key
- prefetch: yes
- prefetch-key: yes
- # Interface IP(s) to bind to
- interface: 0.0.0.0
- interface: ::0
- interface-automatic: yes
- # DNS Rebinding
- # For DNS Rebinding prevention
- #
- # All these addresses are either private or should not be routable in the global IPv4 or IPv6 internet.
- #
- # IPv4 Addresses
- #
- private-address: 0.0.0.0/8 # Broadcast address
- private-address: 10.0.0.0/8
- private-address: 100.64.0.0/10
- private-address: 127.0.0.0/8 # Loopback Localhost
- private-address: 169.254.0.0/16
- private-address: 172.16.0.0/12
- private-address: 192.0.2.0/24 # Documentation network TEST-NET
- private-address: 192.168.0.0/16
- private-address: 198.18.0.0/15 # Used for testing inter-network communications
- private-address: 198.51.100.0/24 # Documentation network TEST-NET-2
- private-address: 203.0.113.0/24 # Documentation network TEST-NET-3
- private-address: 233.252.0.0/24 # Documentation network MCAST-TEST-NET
- #
- # IPv6 Addresses
- #
- private-address: ::1/128 # Loopback Localhost
- private-address: 2001:db8::/32 # Documentation network IPv6
- private-address: fc00::/8 # Unique local address (ULA) part of "fc00::/7", not defined yet
- private-address: fd00::/8 # Unique local address (ULA) part of "fc00::/7", "/48" prefix group
- private-address: fe80::/10 # Link-local address (LLA)
- # Set private domains in case authoritative name server returns a Private IP address
- private-domain: "voip.windtre.it"
- domain-insecure: "voip.windtre.it"
- # Access lists
- include: /var/unbound/access_lists.conf
- # Static host entries
- include: /var/unbound/host_entries.conf
- # DHCP leases (if configured)
- include: /var/unbound/dhcpleases.conf
- # Domain overrides
- include: /var/unbound/domainoverrides.conf
- # Custom includes (plugins)
- include: /var/unbound/etc/*.conf
- remote-control:
- control-enable: yes
- control-interface: 127.0.0.1
- control-port: 953
- server-key-file: /var/unbound/unbound_server.key
- server-cert-file: /var/unbound/unbound_server.pem
- control-key-file: /var/unbound/unbound_control.key
- control-cert-file: /var/unbound/unbound_control.pem
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement