shell-things/etc/unbound/unbound.conf.d/dot-dns0.conf

35 lines
1.2 KiB
Plaintext
Raw Normal View History

server:
# Debian ca-certificates location
#tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
# ctrl.blog says this is the Fedora location
#tls-cert-bundle: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
# Use system certificates no matter where they are
tls-system-cert: yes
# Quad9 says pointless performance impact on forwarders.
# https://docs.quad9.net/Quad9_For_Organizations/DNS_Forwarder_Best_Practices/#disable-qname-minimization
qname-minimisation: no
# Private ECS is more accurate with IPv4 than IPv6.
prefer-ip4: yes
prefer-ip6: no
forward-zone:
name: "."
forward-tls-upstream: yes
# Default
forward-addr: 2a0f:fc80::@853#dns0.eu
forward-addr: 193.110.81.0@853#dns0.eu
forward-addr: 2a0f:fc81::@853#dns0.eu
forward-addr: 185.253.5.0@853#dns0.eu
# # Unfiltered
# forward-addr: 193.110.81.254@853#open.dns0.eu
# forward-addr: 185.253.5.254@853#open.dns0.eu
# forward-addr: 2a0f:fc80::ffff@853#open.dns0.eu
# forward-addr: 2a0f:fc81::ffff@853#open.dns0.eu
# # Heavier filtering
# forward-addr: 2a0f:fc80::9@853#zero.dns0.eu
# forward-addr: 193.110.81.9@853#zero.dns0.eu
# forward-addr: 2a0f:fc81::9@853#zero.dns0.eu
# forward-addr: 185.253.5.9@853#zero.dns0.eu
# vim: filetype=unbound.conf