User Tools

Site Tools


soft:unbound

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

soft:unbound [2019/07/14 21:51] (current)
phil created
Line 1: Line 1:
 +====== Unbound dns resolver ======
  
 +  * https://​calomel.org/​unbound_dns.html good overview of unbound
 +
 +My unbound configuration which focus on security and some privacy regarding my ISP by using cloudflare and quad9 on DNS over TLS.
 +
 +<file conf /​etc/​unbound/​unbound.conf>​
 +server:
 +  verbosity: 1
 +  use-syslog: yes
 +  interface: 0.0.0.0
 +  interface: ::
 +  access-control:​ 192.168.31.0/​24 allow
 +  access-control:​ 127.0.0.0/8 allow
 +  access-control:​ ::1/128 allow
 +  hide-identity:​ yes
 +  hide-version:​ yes
 +  minimal-responses:​ yes
 +  prefetch: yes
 +  qname-minimisation:​ yes
 +  rrset-roundrobin:​ yes
 +  cache-max-ttl:​ 14400
 +  # cache-min-ttl:​ 600
 +  do-tcp: yes
 +  do-udp: yes
 +  use-caps-for-id:​ yes
 +  # static dns entries (for internal dns)
 +  # local-zone: "​in.philpep.org."​ static
 +  # local-data: "​aldo.in.philpep.org IN A 192.168.31.254"​
 +  # local-data-ptr:​ "​192.168.31.254 aldo.in.philpep.org"​
 +  # [...]
 +
 +forward-zone:​
 +  name: "​."​
 +  forward-ssl-upstream:​ yes
 +  forward-addr:​ 1.1.1.1@853 ​        # cloudflare primary
 +  forward-addr:​ 1.0.0.1@853 ​        # cloudflare primary
 +  forward-addr:​ 9.9.9.9@853 ​        # quad9.net primary
 +  forward-addr:​ 149.112.112.112@853 # quad9.net secondary
 +</​file>​
soft/unbound.txt ยท Last modified: 2019/07/14 21:51 by phil