Return to unbound.conf CVS log

Up to [local] / src / etc

Annotation of src/etc/unbound.conf, Revision 1.5

1.5     ! sthen       1: # $OpenBSD: unbound.conf,v 1.4 2014/04/02 21:43:30 millert Exp $
1.1       sthen       2:
                      3: server:
                      4:        interface: 127.0.0.1
                      5:        #interface: 127.0.0.1@5353      # listen on alternative port
                      6:        interface: ::1
                      7:        #do-ip6: no
                      8:
                      9:        access-control: 0.0.0.0/0 refuse
                     10:        access-control: 127.0.0.0/8 allow
                     11:        access-control: ::0/0 refuse
                     12:        access-control: ::1 allow
                     13:
                     14:        hide-identity: yes
                     15:        hide-version: yes
                     16:
1.2       sthen      17:        # Uncomment to enable DNSSEC validation.
1.1       sthen      18:        #
1.2       sthen      19:        #auto-trust-anchor-file: "/var/unbound/db/root.key"
1.1       sthen      20:
                     21:        # Serve zones authoritatively from Unbound to resolver clients.
1.4       millert    22:        # Not for external service.
1.1       sthen      23:        #
                     24:        #local-zone: "local." static
                     25:        #local-data: "mycomputer.local. IN A 192.0.2.51"
1.4       millert    26:        #local-zone: "2.0.192.in-addr.arpa." static
1.1       sthen      27:        #local-data-ptr: "192.0.2.51 mycomputer.local"
                     28:
                     29:        # UDP EDNS reassembly buffer advertised to peers. Default 4096.
                     30:        # May need lowering on broken networks with fragmentation/MTU issues,
                     31:        # particularly if validating DNSSEC.
                     32:        #
                     33:        #edns-buffer-size: 1480
                     34:
                     35:        # Use TCP for "forward-zone" requests. Useful if you are making
                     36:        # DNS requests over an SSH port forwarding.
                     37:        #
                     38:        #tcp-upstream: yes
1.5     ! sthen      39:
        !            40: remote-control:
        !            41:        control-enable: yes
        !            42:        control-use-cert: no
        !            43:        control-interface: /var/run/unbound.sock
1.1       sthen      44:
                     45: # Use an upstream forwarder (recursive resolver) for specific zones.
                     46: # Example addresses given below are public resolvers valid as of 2014/03.
                     47: #
                     48: #forward-zone:
                     49: #      name: "."                               # use for ALL queries
                     50: #      forward-addr: 74.82.42.42               # he.net
                     51: #      forward-addr: 2001:470:20::2            # he.net v6
                     52: #      forward-addr: 8.8.8.8                   # google.com
                     53: #      forward-addr: 2001:4860:4860::8888      # google.com v6
                     54: #      forward-addr: 208.67.222.222            # opendns.com
                     55: #      forward-first: yes                      # try direct if forwarder fails