unbound/cache.conf: rename to cache.conf.SAMPLE and add scary warnings there

Aminda Suomalainen 2024-04-29 20:46:00 +03:00
parent c23cba37c3
commit 0d0be5f9bc
Signed by: Mikaela
SSH Key Fingerprint: SHA256:CXLULpqNBdUKB6E6fLA1b/4SzG0HvKD19PbIePU175Q


@ -1,4 +1,7 @@
# Increasing caching # Increasing caching
# NOTE AT LEAST CACHE-MIN-TTL IF NOTHING ELSE!
# This has potential to increase memory usage to 110m under heavy usage, but # This has potential to increase memory usage to 110m under heavy usage, but
# I find that unlikely as almost everything is using so short TTLs # I find that unlikely as almost everything is using so short TTLs
# See also MEMORY CONTROL EXAMPLE in man unbound.conf # See also MEMORY CONTROL EXAMPLE in man unbound.conf
@ -12,11 +15,13 @@ server:
neg-cache-size: 10m neg-cache-size: 10m
# Increases TTL of all queries to 900 seconds (5 minutes) if upstream has # Increases TTL of all queries to 900 seconds (5 minutes) if upstream has
# a lower one. I have been using this since August 2019 without issues. # a lower one. I have been using this since August 2019 without issues.
# TODO FIXME
#cache-min-ttl: 900 #cache-min-ttl: 900
# https://blog.apnic.net/2019/11/12/stop-using-ridiculously-low-dns-ttls/ # https://blog.apnic.net/2019/11/12/stop-using-ridiculously-low-dns-ttls/
# dares setting the minimum cache to something between 40 minute and 60, # dares setting the minimum cache to something between 40 minute and 60,
# so how about 50 minutes? However it predates RFC 8767. # so how about 50 minutes? However it predates RFC 8767.
#cache-min-ttl: 3000 # TODO FIXME
cache-min-ttl: 3000
# Why not just make it hour directly, while that is considered as a # Why not just make it hour directly, while that is considered as a
# maximum reasonableish value? # maximum reasonableish value?
cache-min-ttl: 3600 cache-min-ttl: 3600
@ -38,8 +43,7 @@ server:
# However my /etc/resolv.conf timeout is 1 second since all my nameservers # However my /etc/resolv.conf timeout is 1 second since all my nameservers
# are localhost, so let's wait 0.8 seconds instead. # are localhost, so let's wait 0.8 seconds instead.
serve-expired-client-timeout: 800 serve-expired-client-timeout: 800
# DNSSEC errors for valid and expired records # DNSSEC errors for expired records
ede: yes
ede-serve-expired: yes ede-serve-expired: yes
# vim: filetype=unbound.conf # vim: filetype=unbound.conf
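Review bot: Removing `ede: yes` in the last hunk while keeping `ede-serve-expired: yes` probably switches the stale-answer signal off, because as far as I recall from unbound.conf(5) `ede-serve-expired` only attaches the Stale Answer extended error when the global `ede` option is also enabled. The file still sets `serve-expired-client-timeout: 800`, so clients and troubleshooting tools would receive expired records with nothing marking them as stale. If `ede: yes` is now set in another included file, note that next to the option, e.g. `# needs ede: yes, set in <other-conf-file>`; otherwise keep `ede: yes` here. Separately, the second hunk appears to leave both `cache-min-ttl: 3000` and `cache-min-ttl: 3600` active under the new TODO FIXME markers (the rendering has lost indentation, so this is inferred); reducing them to one line would make the sample's effective minimum TTL unambiguous.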