# Brownie points for no data transmitted outside of the EU and thus # GDPR-compatible server: # Debian ca-certificates location #tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt # Fedora #tls-cert-bundle: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem # Use system certificates no matter where they are tls-system-cert: yes # Quad9 says pointless performance impact on forwarders. # https://docs.quad9.net/Quad9_For_Organizations/DNS_Forwarder_Best_Practices/#disable-qname-minimization qname-minimisation: no forward-zone: name: "." forward-tls-upstream: yes forward-addr: 2a0f:fc80::@853#dns0.eu forward-addr: 193.110.81.0@853#dns0.eu forward-addr: 2a0f:fc81::@853#dns0.eu forward-addr: 185.253.5.0@853#dns0.eu # DNS4EU Protective forward-addr: 2a13:1001::86:54:11:1@853#protective.joindns4.eu forward-addr: 86.54.11.1@853#protective.joindns4.eu # vim: filetype=unbound.conf