Add install-unbound.ps1

2025-08-08 20:54:38 +02:00 · 2022-05-22 22:35:21 +02:00
parent 21c25ac698
commit a5ff3ae02f
4 changed files with 101 additions and 11 deletions
--- a/Data/unbound.conf
+++ b/Data/unbound.conf
@ -0,0 +1,33 @@
+server:
+	port: 53 # port where to listen to queries (default 53)
+        interface: 0.0.0.0
+        interface: ::0
+	access-control: 127.0.0.1/8 allow
+	access-control: ::1/64 allow
+        access-control: 192.168.0.0/16 allow
+	verbosity: 0 # log nothing
+        qname-minimisation: yes # send minimal amount of information to upstream servers to enhance privacy
+        auto-trust-anchor-file: "/var/lib/unbound/root.key" # location of the trust anchor file that enables DNSSEC
+
+	num-threads: 1
+	aggressive-nsec: yes
+	prefetch: yes # refresh expiring cache entries, if less than 10% of their TTL remains
+	hide-identity: yes # less verbose responses
+	hide-version: yes # less verbose responses
+	rrset-cache-size: 100m
+	msg-cache-size: 50m
+	cache-min-ttl: 3600 # 1 hour minimum caching time
+	cache-max-ttl: 86400 # 1 day maximum caching time
+	cache-max-negative-ttl: 3600 # 1 hour maximum caching time for negative responses
+	so-reuseport: yes # faster UDP with multithreading (only on Linux)
+
+remote-control:
+        control-enable: yes # allows controlling unbound using "unbound-control"
+
+forward-zone:
+	name: "."
+	#forward-addr: 1.1.1.1@53 # Cloudflare (primary)
+	#forward-addr: 1.0.0.1@53 # Cloudflare (secondary)
+	forward-addr: 8.8.8.8@53 # Google Public DNS (primary)
+	forward-addr: 8.8.4.4@53 # Google Public DNS (secondary)
+	#forward-addr: 9.9.9.9@53 # Quad9