unbound/cache.conf: RFC 8767ish configuration

This commit is contained in:
Aminda Suomalainen 2024-04-27 15:00:12 +03:00
parent 813878a4de
commit 30a27f980d
Signed by: Mikaela
SSH Key Fingerprint: SHA256:CXLULpqNBdUKB6E6fLA1b/4SzG0HvKD19PbIePU175Q

View File

@ -23,6 +23,14 @@ server:
# Allow expired results to be served if they are in cache. The cache will
# get updated the next time.
serve-expired: yes
# Serve expired data up to one day (RFC 8767)
serve-expired-ttl: 86400
# Serve expired data to client if there is no answer in 1.8 seconds as per
# common timeout 2 seconds according to the RFC 8767
#serve-expired-client-timeout: 1800
# However my /etc/resolv.conf timeout is 1 second since all my nameservers
# are localhost, so let's wait 0.8 seconds instead.
serve-expired-client-timeout: 800
# DNSSEC errors for valid and expired records
ede: yes
ede-serve-expired: yes