philpep's wiki

User Tools

Site Tools

Trace:
soft:unbound

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

soft:unbound [2019/07/14 21:51] (current)
phil created
Line 1: Line 1:
 +====== Unbound dns resolver ======
  
 +  * https://calomel.org/unbound_dns.html good overview of unbound
 +
 +My unbound configuration which focus on security and some privacy regarding my ISP by using cloudflare and quad9 on DNS over TLS.
 +
 +<file conf /etc/unbound/unbound.conf>
 +server:
 +  verbosity: 1
 +  use-syslog: yes
 +  interface: 0.0.0.0
 +  interface: ::
 +  access-control: 192.168.31.0/24 allow
 +  access-control: 127.0.0.0/8 allow
 +  access-control: ::1/128 allow
 +  hide-identity: yes
 +  hide-version: yes
 +  minimal-responses: yes
 +  prefetch: yes
 +  qname-minimisation: yes
 +  rrset-roundrobin: yes
 +  cache-max-ttl: 14400
 +  # cache-min-ttl: 600
 +  do-tcp: yes
 +  do-udp: yes
 +  use-caps-for-id: yes
 +  # static dns entries (for internal dns)
 +  # local-zone: "in.philpep.org." static
 +  # local-data: "aldo.in.philpep.org IN A 192.168.31.254"
 +  # local-data-ptr: "192.168.31.254 aldo.in.philpep.org"
 +  # [...]
 +
 +forward-zone:
 +  name: "."
 +  forward-ssl-upstream: yes
 +  forward-addr: 1.1.1.1@853         # cloudflare primary
 +  forward-addr: 1.0.0.1@853         # cloudflare primary
 +  forward-addr: 9.9.9.9@853         # quad9.net primary
 +  forward-addr: 149.112.112.112@853 # quad9.net secondary
 +</file>
soft/unbound.txt ยท Last modified: 2019/07/14 21:51 by phil

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki