# Increasing caching # This has potential to increase memory usage to 110m under heavy usage, but # I find that unlikely as almost everything is using so short TTLs # See also MEMORY CONTROL EXAMPLE in man unbound.conf server: # bytes in message cache, defaults to 4m msg-cache-size: 50m # bytes in rrset cache, defaults to 4m rrset-cache-size: 50m # nxdomain cache, default 1m neg-cache-size: 10m # Cache results for 15 minutes even if they had a shorter TTL. Cloudflare # zone export used to have 1 second, and I have also been seeing 1 # minute in the wild, I think 5 mins shouldn't break anything, but bigger # might. cache-min-ttl: 900 # Update cache for popular items before they expire. ~10 % traffic # increase according to `man unbound.conf` prefetch: yes # Fetch keys when DS is encountered, lower latency for a bit higher CPU use prefetch-key: yes # Allow expired results to be served if they are in cache. The cache will # get updated the next time. serve-expired: yes # DNSSEC errors for valid and expired records ede: yes ede-serve-expired: yes # vim: filetype=unbound.conf