Annotation of src/etc/unbound.conf, Revision 1.6
1.6 ! sthen 1: # $OpenBSD: unbound.conf,v 1.5 2015/07/19 17:29:42 sthen Exp $
1.1 sthen 2:
3: server:
4: interface: 127.0.0.1
5: #interface: 127.0.0.1@5353 # listen on alternative port
6: interface: ::1
7: #do-ip6: no
8:
9: access-control: 0.0.0.0/0 refuse
10: access-control: 127.0.0.0/8 allow
11: access-control: ::0/0 refuse
12: access-control: ::1 allow
13:
14: hide-identity: yes
15: hide-version: yes
16:
1.6 ! sthen 17: # Uncomment to enable qname minimisation.
! 18: # https://tools.ietf.org/html/draft-ietf-dnsop-qname-minimisation-08
! 19: #
! 20: # qname-minimisation: yes
! 21:
1.2 sthen 22: # Uncomment to enable DNSSEC validation.
1.1 sthen 23: #
1.2 sthen 24: #auto-trust-anchor-file: "/var/unbound/db/root.key"
1.1 sthen 25:
26: # Serve zones authoritatively from Unbound to resolver clients.
1.4 millert 27: # Not for external service.
1.1 sthen 28: #
29: #local-zone: "local." static
30: #local-data: "mycomputer.local. IN A 192.0.2.51"
1.4 millert 31: #local-zone: "2.0.192.in-addr.arpa." static
1.1 sthen 32: #local-data-ptr: "192.0.2.51 mycomputer.local"
33:
34: # UDP EDNS reassembly buffer advertised to peers. Default 4096.
35: # May need lowering on broken networks with fragmentation/MTU issues,
36: # particularly if validating DNSSEC.
37: #
38: #edns-buffer-size: 1480
39:
40: # Use TCP for "forward-zone" requests. Useful if you are making
41: # DNS requests over an SSH port forwarding.
42: #
43: #tcp-upstream: yes
1.6 ! sthen 44:
! 45: # DNS64 options, synthesizes AAAA records for hosts that don't have
! 46: # them. For use with NAT64 (PF "af-to").
! 47: #
! 48: #module-config: "dns64 validator iterator"
! 49: #dns64-prefix: 64:ff9b::/96 # well-known prefix (default)
! 50: #dns64-synthall: no
1.5 sthen 51:
52: remote-control:
53: control-enable: yes
54: control-use-cert: no
55: control-interface: /var/run/unbound.sock
1.1 sthen 56:
57: # Use an upstream forwarder (recursive resolver) for specific zones.
58: # Example addresses given below are public resolvers valid as of 2014/03.
59: #
60: #forward-zone:
61: # name: "." # use for ALL queries
62: # forward-addr: 74.82.42.42 # he.net
63: # forward-addr: 2001:470:20::2 # he.net v6
64: # forward-addr: 8.8.8.8 # google.com
65: # forward-addr: 2001:4860:4860::8888 # google.com v6
66: # forward-addr: 208.67.222.222 # opendns.com
67: # forward-first: yes # try direct if forwarder fails
![[BACK]](/icons/back.gif){kind=icon}
Return to unbound.conf CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / etc