shell-things/etc/unbound/unbound.conf.d/expired-stale-serving-rfc8767.conf

23 lines
894 B
Plaintext

server:
# Update cache for popular items before they expire. ~10 % traffic
# increase according to `man unbound.conf`
prefetch: yes
# Fetch keys when DS is encountered, lower latency for a bit higher CPU use
prefetch-key: yes
# Allow expired results to be served if they are in cache. The cache will
# get updated the next time.
serve-expired: yes
# Serve expired data up to one day (RFC 8767)
serve-expired-ttl: 86400
# If serving expired data to client, explicitly give it TTL 30 seconds
serve-expired-reply-ttl: 30
# Serve expired data to client if there is no answer in 0.8 seconds as
# RFC 8767 says common seconds is 2 seconds making 1800 a reasonable
# value, but as I use a second lower timeout, I need to adjust here as
# well.
serve-expired-client-timeout: 800
# Human readable DNSSEC errors for expired records
ede-serve-expired: yes
# vim: filetype=unbound.conf