User Tools

Site Tools


Unbound dns resolver

My unbound configuration which focus on security and some privacy regarding my ISP by using cloudflare and quad9 on DNS over TLS.

  verbosity: 1
  use-syslog: yes
  interface: ::
  access-control: allow
  access-control: allow
  access-control: ::1/128 allow
  hide-identity: yes
  hide-version: yes
  minimal-responses: yes
  prefetch: yes
  qname-minimisation: yes
  rrset-roundrobin: yes
  cache-max-ttl: 14400
  # cache-min-ttl: 600
  do-tcp: yes
  do-udp: yes
  use-caps-for-id: yes
  # static dns entries (for internal dns)
  # local-zone: "" static
  # local-data: " IN A"
  # local-data-ptr: ""
  # [...]
  name: "."
  forward-ssl-upstream: yes
  forward-addr:         # cloudflare primary
  forward-addr:         # cloudflare primary
  forward-addr:         # primary
  forward-addr: # secondary
soft/unbound.txt · Last modified: 2019/07/14 21:51 by phil