mirror of
https://gitea.blesmrt.net/mikaela/shell-things.git
synced 2025-01-24 19:24:19 +01:00
unbound: cut cache.conf.SAMPLE into more descriptive files
This commit is contained in:
parent
531cdd82c5
commit
87bedac239
1
etc/unbound/unbound.conf.d/.gitignore
vendored
1
etc/unbound/unbound.conf.d/.gitignore
vendored
@ -1 +1,2 @@
|
|||||||
dot-trex.conf
|
dot-trex.conf
|
||||||
|
cache.conf
|
||||||
|
13
etc/unbound/unbound.conf.d/cache-size.conf
Normal file
13
etc/unbound/unbound.conf.d/cache-size.conf
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
# This has potential to increase memory usage to 110m under heavy usage, but
|
||||||
|
# I find that unlikely as almost everything is using so short TTLs
|
||||||
|
# See also MEMORY CONTROL EXAMPLE in man unbound.conf
|
||||||
|
|
||||||
|
server:
|
||||||
|
# bytes in message cache, defaults to 4m
|
||||||
|
msg-cache-size: 50m
|
||||||
|
# bytes in rrset cache, defaults to 4m
|
||||||
|
rrset-cache-size: 50m
|
||||||
|
# nxdomain cache, default 1m
|
||||||
|
neg-cache-size: 10m
|
||||||
|
|
||||||
|
# vim: filetype=unbound.conf
|
@ -1,50 +0,0 @@
|
|||||||
# Increasing caching
|
|
||||||
|
|
||||||
# NOTE AT LEAST CACHE-MIN-TTL IF NOTHING ELSE!
|
|
||||||
|
|
||||||
# This has potential to increase memory usage to 110m under heavy usage, but
|
|
||||||
# I find that unlikely as almost everything is using so short TTLs
|
|
||||||
# See also MEMORY CONTROL EXAMPLE in man unbound.conf
|
|
||||||
|
|
||||||
server:
|
|
||||||
# bytes in message cache, defaults to 4m
|
|
||||||
msg-cache-size: 50m
|
|
||||||
# bytes in rrset cache, defaults to 4m
|
|
||||||
rrset-cache-size: 50m
|
|
||||||
# nxdomain cache, default 1m
|
|
||||||
neg-cache-size: 10m
|
|
||||||
# Increases TTL of all queries to 900 seconds (5 minutes) if upstream has
|
|
||||||
# a lower one. I have been using this since August 2019 without issues.
|
|
||||||
# TODO FIXME
|
|
||||||
#cache-min-ttl: 900
|
|
||||||
# https://blog.apnic.net/2019/11/12/stop-using-ridiculously-low-dns-ttls/
|
|
||||||
# dares setting the minimum cache to something between 40 minute and 60,
|
|
||||||
# so how about 50 minutes? However it predates RFC 8767.
|
|
||||||
# TODO FIXME
|
|
||||||
#cache-min-ttl: 3000
|
|
||||||
# Why not just make it hour directly, while that is considered as a
|
|
||||||
# maximum reasonableish value?
|
|
||||||
# TODO FIXME
|
|
||||||
cache-min-ttl: 3600
|
|
||||||
# Update cache for popular items before they expire. ~10 % traffic
|
|
||||||
# increase according to `man unbound.conf`
|
|
||||||
prefetch: yes
|
|
||||||
# Fetch keys when DS is encountered, lower latency for a bit higher CPU use
|
|
||||||
prefetch-key: yes
|
|
||||||
# Allow expired results to be served if they are in cache. The cache will
|
|
||||||
# get updated the next time.
|
|
||||||
serve-expired: yes
|
|
||||||
# Serve expired data up to one day (RFC 8767)
|
|
||||||
serve-expired-ttl: 86400
|
|
||||||
# If serving expired data to client, explicitly give it TTL 30 seconds
|
|
||||||
serve-expired-reply-ttl: 30
|
|
||||||
# Serve expired data to client if there is no answer in 1.8 seconds as per
|
|
||||||
# common timeout 2 seconds according to the RFC 8767
|
|
||||||
#serve-expired-client-timeout: 1800
|
|
||||||
# However my /etc/resolv.conf timeout is 1 second since all my nameservers
|
|
||||||
# are localhost, so let's wait 0.8 seconds instead.
|
|
||||||
serve-expired-client-timeout: 800
|
|
||||||
# DNSSEC errors for expired records
|
|
||||||
ede-serve-expired: yes
|
|
||||||
|
|
||||||
# vim: filetype=unbound.conf
|
|
@ -0,0 +1,23 @@
|
|||||||
|
server:
|
||||||
|
# Update cache for popular items before they expire. ~10 % traffic
|
||||||
|
# increase according to `man unbound.conf`
|
||||||
|
prefetch: yes
|
||||||
|
# Fetch keys when DS is encountered, lower latency for a bit higher CPU use
|
||||||
|
prefetch-key: yes
|
||||||
|
# Allow expired results to be served if they are in cache. The cache will
|
||||||
|
# get updated the next time.
|
||||||
|
serve-expired: yes
|
||||||
|
# Serve expired data up to one day (RFC 8767)
|
||||||
|
serve-expired-ttl: 86400
|
||||||
|
# If serving expired data to client, explicitly give it TTL 30 seconds
|
||||||
|
serve-expired-reply-ttl: 30
|
||||||
|
# Serve expired data to client if there is no answer in 1.8 seconds as per
|
||||||
|
# common timeout 2 seconds according to the RFC 8767
|
||||||
|
#serve-expired-client-timeout: 1800
|
||||||
|
# However my /etc/resolv.conf timeout is 1 second since all my nameservers
|
||||||
|
# are localhost, so let's wait 0.8 seconds instead.
|
||||||
|
serve-expired-client-timeout: 800
|
||||||
|
# Human readable DNSSEC errors for expired records
|
||||||
|
ede-serve-expired: yes
|
||||||
|
|
||||||
|
# vim: filetype=unbound.conf
|
9
etc/unbound/unbound.conf.d/min-ttl-hour.conf
Normal file
9
etc/unbound/unbound.conf.d/min-ttl-hour.conf
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
server:
|
||||||
|
# Increases TTL of all queries to 3600 seconds (1 hour) if upstream has
|
||||||
|
# a lower one. I have been using this since August 2019 without issues.
|
||||||
|
# https://blog.apnic.net/2019/11/12/stop-using-ridiculously-low-dns-ttls/
|
||||||
|
# dares setting the minimum cache to something between 40 minute and 60,
|
||||||
|
# however it predates RFC 8767.
|
||||||
|
cache-min-ttl: 3600
|
||||||
|
|
||||||
|
# vim: filetype=unbound.conf
|
13
etc/unbound/unbound.conf.d/min-ttl.conf.sample
Normal file
13
etc/unbound/unbound.conf.d/min-ttl.conf.sample
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
server:
|
||||||
|
# Increases TTL of all queries to 900 seconds (5 minutes) if upstream has
|
||||||
|
# a lower one. I have been using this since August 2019 without issues.
|
||||||
|
#cache-min-ttl: 900
|
||||||
|
# https://blog.apnic.net/2019/11/12/stop-using-ridiculously-low-dns-ttls/
|
||||||
|
# dares setting the minimum cache to something between 40 minute and 60,
|
||||||
|
# so how about 50 minutes? However it predates RFC 8767.
|
||||||
|
#cache-min-ttl: 3000
|
||||||
|
# Why not just make it hour directly, while that is considered as a
|
||||||
|
# maximum reasonableish value?
|
||||||
|
#cache-min-ttl: 3600
|
||||||
|
|
||||||
|
# vim: filetype=unbound.conf
|
Loading…
Reference in New Issue
Block a user