|
|
@ -1,3 +1,5 @@ |
|
|
|
|
|
diff --git a/doc/example.conf.in b/doc/example.conf.in
|
|
|
|
|
|
index 60ed5c8..abd85f9 100644
|
|
|
--- a/doc/example.conf.in
|
|
|
--- a/doc/example.conf.in
|
|
|
+++ b/doc/example.conf.in
|
|
|
+++ b/doc/example.conf.in
|
|
|
@@ -38,6 +38,8 @@ server:
|
|
|
@@ -38,6 +38,8 @@ server:
|
|
|
@ -66,7 +68,7 @@ |
|
|
|
|
|
|
|
|
# the time to live (TTL) value lower bound, in seconds. Default 0. |
|
|
# the time to live (TTL) value lower bound, in seconds. Default 0. |
|
|
# If more than an hour could easily give trouble due to stale data. |
|
|
# If more than an hour could easily give trouble due to stale data. |
|
|
@@ -143,9 +154,11 @@ server:
|
|
|
|
|
|
|
|
|
@@ -146,9 +157,11 @@ server:
|
|
|
# the number of slabs must be a power of 2. |
|
|
# the number of slabs must be a power of 2. |
|
|
# more slabs reduce lock contention, but fragment memory usage. |
|
|
# more slabs reduce lock contention, but fragment memory usage. |
|
|
# infra-cache-slabs: 4 |
|
|
# infra-cache-slabs: 4 |
|
|
@ -78,7 +80,7 @@ |
|
|
|
|
|
|
|
|
# Enable IPv4, "yes" or "no". |
|
|
# Enable IPv4, "yes" or "no". |
|
|
# do-ip4: yes |
|
|
# do-ip4: yes |
|
|
@@ -178,6 +191,8 @@ server:
|
|
|
|
|
|
|
|
|
@@ -181,6 +194,8 @@ server:
|
|
|
# access-control: ::0/0 refuse |
|
|
# access-control: ::0/0 refuse |
|
|
# access-control: ::1 allow |
|
|
# access-control: ::1 allow |
|
|
# access-control: ::ffff:127.0.0.1 allow |
|
|
# access-control: ::ffff:127.0.0.1 allow |
|
|
@ -87,7 +89,7 @@ |
|
|
|
|
|
|
|
|
# if given, a chroot(2) is done to the given directory. |
|
|
# if given, a chroot(2) is done to the given directory. |
|
|
# i.e. you can chroot to the working directory, for example, |
|
|
# i.e. you can chroot to the working directory, for example, |
|
|
@@ -208,6 +223,7 @@ server:
|
|
|
|
|
|
|
|
|
@@ -211,6 +226,7 @@ server:
|
|
|
# and the given username is assumed. Default is user "unbound". |
|
|
# and the given username is assumed. Default is user "unbound". |
|
|
# If you give "" no privileges are dropped. |
|
|
# If you give "" no privileges are dropped. |
|
|
# username: "@UNBOUND_USERNAME@" |
|
|
# username: "@UNBOUND_USERNAME@" |
|
|
@ -95,7 +97,7 @@ |
|
|
|
|
|
|
|
|
# the working directory. The relative files in this config are |
|
|
# the working directory. The relative files in this config are |
|
|
# relative to this directory. If you give "" the working directory |
|
|
# relative to this directory. If you give "" the working directory |
|
|
@@ -230,10 +246,12 @@ server:
|
|
|
|
|
|
|
|
|
@@ -233,10 +249,12 @@ server:
|
|
|
|
|
|
|
|
|
# the pid file. Can be an absolute path outside of chroot/work dir. |
|
|
# the pid file. Can be an absolute path outside of chroot/work dir. |
|
|
# pidfile: "@UNBOUND_PIDFILE@" |
|
|
# pidfile: "@UNBOUND_PIDFILE@" |
|
|
@ -108,7 +110,7 @@ |
|
|
|
|
|
|
|
|
# enable to not answer id.server and hostname.bind queries. |
|
|
# enable to not answer id.server and hostname.bind queries. |
|
|
# hide-identity: no |
|
|
# hide-identity: no |
|
|
@@ -256,12 +274,15 @@ server:
|
|
|
|
|
|
|
|
|
@@ -259,12 +277,15 @@ server:
|
|
|
# positive value: fetch that many targets opportunistically. |
|
|
# positive value: fetch that many targets opportunistically. |
|
|
# Enclose the list of numbers between quotes (""). |
|
|
# Enclose the list of numbers between quotes (""). |
|
|
# target-fetch-policy: "3 2 1 0 0" |
|
|
# target-fetch-policy: "3 2 1 0 0" |
|
|
@ -124,7 +126,7 @@ |
|
|
|
|
|
|
|
|
# Harden against out of zone rrsets, to avoid spoofing attempts. |
|
|
# Harden against out of zone rrsets, to avoid spoofing attempts. |
|
|
# harden-glue: yes |
|
|
# harden-glue: yes |
|
|
@@ -342,7 +363,7 @@ server:
|
|
|
|
|
|
|
|
|
@@ -345,7 +366,7 @@ server:
|
|
|
# you start unbound (i.e. in the system boot scripts). And enable: |
|
|
# you start unbound (i.e. in the system boot scripts). And enable: |
|
|
# Please note usage of unbound-anchor root anchor is at your own risk |
|
|
# Please note usage of unbound-anchor root anchor is at your own risk |
|
|
# and under the terms of our LICENSE (see that file in the source). |
|
|
# and under the terms of our LICENSE (see that file in the source). |
|
|
@ -133,7 +135,7 @@ |
|
|
|
|
|
|
|
|
# File with DLV trusted keys. Same format as trust-anchor-file. |
|
|
# File with DLV trusted keys. Same format as trust-anchor-file. |
|
|
# There can be only one DLV configured, it is trusted from root down. |
|
|
# There can be only one DLV configured, it is trusted from root down. |
|
|
@@ -428,15 +449,18 @@ server:
|
|
|
|
|
|
|
|
|
@@ -431,15 +452,18 @@ server:
|
|
|
# the amount of memory to use for the key cache. |
|
|
# the amount of memory to use for the key cache. |
|
|
# plain value in bytes or you can append k, m or G. default is "4Mb". |
|
|
# plain value in bytes or you can append k, m or G. default is "4Mb". |
|
|
# key-cache-size: 4m |
|
|
# key-cache-size: 4m |
|
|
@ -149,6 +151,6 @@ |
|
|
# plain value in bytes or you can append k, m or G. default is "1Mb". |
|
|
# plain value in bytes or you can append k, m or G. default is "1Mb". |
|
|
# neg-cache-size: 1m |
|
|
# neg-cache-size: 1m |
|
|
+ neg-cache-size: 10k
|
|
|
+ neg-cache-size: 10k
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# By default, for a number of zones a small default 'nothing here' |
|
|
# By default, for a number of zones a small default 'nothing here' |
|
|
# reply is built-in. Query traffic is thus blocked. If you |
|
|
# reply is built-in. Query traffic is thus blocked. If you |
Ted Hess
10 years ago