server: # Debian ca-certificates location #tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt # Fedora #tls-cert-bundle: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem # Use system certificates no matter where they are tls-system-cert: yes # Quad9 says pointless performance impact on forwarders. # https://docs.quad9.net/Quad9_For_Organizations/DNS_Forwarder_Best_Practices/#disable-qname-minimization qname-minimisation: no forward-zone: name: "." forward-tls-upstream: yes # Unfiltered #forward-addr: 194.242.2.2@853#dns.mullvad.net #forward-addr: 2a07:e340::2@853#dns.mullvad.net # Adblock and tracking protection #forward-addr: 194.242.2.3@853#adblock.dns.mullvad.net #forward-addr: 2a07:e340::3@853#adblock.dns.mullvad.net # Above + malware protection forward-addr: 194.242.2.4@853#base.dns.mullvad.net forward-addr: 2a07:e340::4@853#base.dns.mullvad.net # Above + social media blocking #forward-addr: 194.242.2.5@853#extended.dns.mullvad.net #forward-addr: 2a07:e340::5@853#extended.dns.mullvad.net # Blocking for ads, trackers, malware, adult, gambling #forward-addr: 194.242.2.6@853#family.dns.mullvad.net #forward-addr: 2a07:e340::6@853#family.dns.mullvad.net # Blocking all of the above #forward-addr: 194.242.2.9@853#all.dns.mullvad.net #forward-addr: 2a07:e340::9@853#all.dns.mullvad.net # vim: filetype=unbound.conf