server: # perform cryptographic DNSSEC validation using the root trust anchor. # this should be in /etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf # auto-trust-anchor-file: "/var/lib/unbound/root.key" interface: 127.0.0.1 access-control: 127.0.0.0/8 allow interface: ::1 access-control: ::1 allow port: 2000 # logging chroot: "" use-syslog: yes log-time-ascii: yes log-queries: yes # 0 - 5, default 1, query information 3 verbosity: 1