2014-12-29 11:10:20 +01:00
|
|
|
# When there is no dnsmasq
|
|
|
|
|
2014-12-27 10:09:00 +01:00
|
|
|
server:
|
|
|
|
# perform cryptographic DNSSEC validation using the root trust anchor.
|
|
|
|
# this should be in /etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf
|
2015-02-19 17:43:08 +01:00
|
|
|
auto-trust-anchor-file: "/var/lib/unbound/root.key"
|
2014-12-29 11:55:37 +01:00
|
|
|
#interface: 127.0.0.1
|
2014-12-27 10:09:00 +01:00
|
|
|
access-control: 127.0.0.0/8 allow
|
2014-12-29 11:55:37 +01:00
|
|
|
#interface: ::1
|
2014-12-27 10:09:00 +01:00
|
|
|
access-control: ::1 allow
|
2014-12-29 11:10:20 +01:00
|
|
|
port: 53
|
2014-12-27 10:09:00 +01:00
|
|
|
# logging
|
|
|
|
chroot: ""
|
|
|
|
use-syslog: yes
|
|
|
|
log-time-ascii: yes
|
|
|
|
log-queries: yes
|
|
|
|
# 0 - 5, default 1, query information 3
|
|
|
|
verbosity: 1
|
2014-12-27 11:28:03 +01:00
|
|
|
# more cache memory, rrset=msg*2
|
|
|
|
rrset-cache-size: 500m
|
|
|
|
msg-cache-size: 250m
|