Update unbound.conf

2025-02-02 10:59:14 +01:00 · 2022-05-23 14:33:37 +02:00 · 2022-05-23 14:33:37 +02:00 · 39071714b7
commit 39071714b7
parent bedc512f47
1 changed files with 25 additions and 25 deletions
--- a/Data/unbound.conf
+++ b/Data/unbound.conf
@ -1,33 +1,33 @@
-server:
-	port: 53 # port where to listen to queries (default 53)
-        interface: 0.0.0.0
-        interface: ::0
-	access-control: 127.0.0.1/8 allow
-	access-control: ::1/64 allow
-        access-control: 192.168.0.0/16 allow
-	verbosity: 0 # log nothing
-        qname-minimisation: yes # send minimal amount of information to upstream servers to enhance privacy
-        auto-trust-anchor-file: "/var/lib/unbound/root.key" # location of the trust anchor file that enables DNSSEC
+remote-control:
+        control-enable: yes               # allows control using "unbound-control"

+server:
+	interface: 0.0.0.0                # listen on all IPv4 network interfaces
+	interface: ::0	                  # listen on all IPv6 network interfaces
+	port: 53                          # listen on port 53
+	access-control: 127.0.0.1/8 allow # allow IPv4 queries from the local host
+	access-control: ::1/64 allow      # allow IPv6 queries from the local host
+        access-control: 192.168.0.0/16 allow # allow IPv4 query from the local network
+
+        qname-minimisation: yes           # send minimal amount of information to upstream servers to enhance privacy
+        auto-trust-anchor-file: "/var/lib/unbound/root.key" # location of the trust anchor file that enables DNSSEC
 	num-threads: 1
 	aggressive-nsec: yes
-	prefetch: yes # refresh expiring cache entries, if less than 10% of their TTL remains
-	hide-identity: yes # less verbose responses
-	hide-version: yes # less verbose responses
+	prefetch: yes                     # refresh expiring cache entries, if less than 10% of their TTL remains
+	hide-identity: yes                # less verbose responses
+	hide-version: yes                 # less verbose responses
 	rrset-cache-size: 100m
 	msg-cache-size: 50m
-	cache-min-ttl: 3600 # 1 hour minimum caching time
-	cache-max-ttl: 86400 # 1 day maximum caching time
-	cache-max-negative-ttl: 3600 # 1 hour maximum caching time for negative responses
-	so-reuseport: yes # faster UDP with multithreading (only on Linux)
-
-remote-control:
-        control-enable: yes # allows controlling unbound using "unbound-control"
+	cache-min-ttl: 3600               # 1 hour minimum caching time
+	cache-max-ttl: 86400              # 1 day maximum caching time
+	cache-max-negative-ttl: 3600      # 1 hour maximum caching time for negative responses
+	so-reuseport: yes                 # faster UDP with multithreading (only on Linux)
+	verbosity: 0                      # log nothing

 forward-zone:
 	name: "."
-	#forward-addr: 1.1.1.1@53 # Cloudflare (primary)
-	#forward-addr: 1.0.0.1@53 # Cloudflare (secondary)
-	forward-addr: 8.8.8.8@53 # Google Public DNS (primary)
-	forward-addr: 8.8.4.4@53 # Google Public DNS (secondary)
-	#forward-addr: 9.9.9.9@53 # Quad9
+	forward-addr: 1.1.1.1@53          # use Cloudflare (primary)
+	forward-addr: 1.0.0.1@53          # use Cloudflare (secondary)
+	forward-addr: 8.8.8.8@53          # use Google Public DNS (primary)
+	forward-addr: 8.8.4.4@53          # use Google Public DNS (secondary)
+	forward-addr: 9.9.9.9@53          # use Quad9