You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
662 lines
34 KiB
662 lines
34 KiB
# Autogenerated configuration file template
|
|
#################################
|
|
# allow-from If set, only allow these comma separated netmasks to recurse
|
|
#
|
|
# allow-from=127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10
|
|
|
|
#################################
|
|
# allow-from-file If set, load allowed netmasks from this file
|
|
#
|
|
# allow-from-file=
|
|
|
|
#################################
|
|
# any-to-tcp Answer ANY queries with tc=1, shunting to TCP
|
|
#
|
|
# any-to-tcp=no
|
|
|
|
#################################
|
|
# api-config-dir Directory where REST API stores config and zones
|
|
#
|
|
# api-config-dir=
|
|
|
|
#################################
|
|
# api-key Static pre-shared authentication key for access to the REST API
|
|
#
|
|
# api-key=
|
|
|
|
#################################
|
|
# auth-zones Zones for which we have authoritative data, comma separated domain=file pairs
|
|
#
|
|
# auth-zones=
|
|
|
|
#################################
|
|
# carbon-instance If set overwrites the the instance name default
|
|
#
|
|
# carbon-instance=recursor
|
|
|
|
#################################
|
|
# carbon-interval Number of seconds between carbon (graphite) updates
|
|
#
|
|
# carbon-interval=30
|
|
|
|
#################################
|
|
# carbon-namespace If set overwrites the first part of the carbon string
|
|
#
|
|
# carbon-namespace=pdns
|
|
|
|
#################################
|
|
# carbon-ourname If set, overrides our reported hostname for carbon stats
|
|
#
|
|
# carbon-ourname=
|
|
|
|
#################################
|
|
# carbon-server If set, send metrics in carbon (graphite) format to this server IP address
|
|
#
|
|
# carbon-server=
|
|
|
|
#################################
|
|
# chroot switch to chroot jail
|
|
#
|
|
# chroot=
|
|
|
|
#################################
|
|
# client-tcp-timeout Timeout in seconds when talking to TCP clients
|
|
#
|
|
# client-tcp-timeout=2
|
|
|
|
#################################
|
|
# config-dir Location of configuration directory (recursor.conf)
|
|
#
|
|
# config-dir=/etc/powerdns
|
|
|
|
#################################
|
|
# config-name Name of this virtual configuration - will rename the binary image
|
|
#
|
|
# config-name=
|
|
|
|
#################################
|
|
# cpu-map Thread to CPU mapping, space separated thread-id=cpu1,cpu2..cpuN pairs
|
|
#
|
|
# cpu-map=
|
|
|
|
#################################
|
|
# daemon Operate as a daemon
|
|
#
|
|
# daemon=no
|
|
|
|
#################################
|
|
# delegation-only Which domains we only accept delegations from
|
|
#
|
|
# delegation-only=
|
|
|
|
#################################
|
|
# disable-packetcache Disable packetcache
|
|
#
|
|
# disable-packetcache=no
|
|
|
|
#################################
|
|
# disable-syslog Disable logging to syslog, useful when running inside a supervisor that logs stdout
|
|
#
|
|
# disable-syslog=no
|
|
|
|
#################################
|
|
# distribution-load-factor The load factor used when PowerDNS is distributing queries to worker threads
|
|
#
|
|
# distribution-load-factor=0.0
|
|
|
|
#################################
|
|
# distribution-pipe-buffer-size Size in bytes of the internal buffer of the pipe used by the distributor to pass incoming queries to a worker thread
|
|
#
|
|
# distribution-pipe-buffer-size=0
|
|
|
|
#################################
|
|
# distributor-threads Launch this number of distributor threads, distributing queries to other threads
|
|
#
|
|
# distributor-threads=0
|
|
|
|
#################################
|
|
# dnssec DNSSEC mode: off/process-no-validate (default)/process/log-fail/validate
|
|
#
|
|
# dnssec=process-no-validate
|
|
|
|
#################################
|
|
# dnssec-log-bogus Log DNSSEC bogus validations
|
|
#
|
|
# dnssec-log-bogus=no
|
|
|
|
#################################
|
|
# dont-query If set, do not query these netmasks for DNS data
|
|
#
|
|
# dont-query=127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10, 0.0.0.0/8, 192.0.0.0/24, 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24, 240.0.0.0/4, ::/96, ::ffff:0:0/96, 100::/64, 2001:db8::/32
|
|
|
|
#################################
|
|
# dont-throttle-names Do not throttle nameservers with this name or suffix
|
|
#
|
|
# dont-throttle-names=
|
|
|
|
#################################
|
|
# dont-throttle-netmasks Do not throttle nameservers with this IP netmask
|
|
#
|
|
# dont-throttle-netmasks=
|
|
|
|
#################################
|
|
# ecs-add-for List of client netmasks for which EDNS Client Subnet will be added
|
|
#
|
|
# ecs-add-for=0.0.0.0/0, ::/0, !127.0.0.0/8, !10.0.0.0/8, !100.64.0.0/10, !169.254.0.0/16, !192.168.0.0/16, !172.16.0.0/12, !::1/128, !fc00::/7, !fe80::/10
|
|
|
|
#################################
|
|
# ecs-cache-limit-ttl Minimum TTL to cache ECS response
|
|
#
|
|
# ecs-cache-limit-ttl=0
|
|
|
|
#################################
|
|
# ecs-ipv4-bits Number of bits of IPv4 address to pass for EDNS Client Subnet
|
|
#
|
|
# ecs-ipv4-bits=24
|
|
|
|
#################################
|
|
# ecs-ipv4-cache-bits Maximum number of bits of IPv4 mask to cache ECS response
|
|
#
|
|
# ecs-ipv4-cache-bits=24
|
|
|
|
#################################
|
|
# ecs-ipv6-bits Number of bits of IPv6 address to pass for EDNS Client Subnet
|
|
#
|
|
# ecs-ipv6-bits=56
|
|
|
|
#################################
|
|
# ecs-ipv6-cache-bits Maximum number of bits of IPv6 mask to cache ECS response
|
|
#
|
|
# ecs-ipv6-cache-bits=56
|
|
|
|
#################################
|
|
# ecs-minimum-ttl-override Set under adverse conditions, a minimum TTL for records in ECS-specific answers
|
|
#
|
|
# ecs-minimum-ttl-override=0
|
|
|
|
#################################
|
|
# ecs-scope-zero-address Address to send to whitelisted authoritative servers for incoming queries with ECS prefix-length source of 0
|
|
#
|
|
# ecs-scope-zero-address=
|
|
|
|
#################################
|
|
# edns-outgoing-bufsize Outgoing EDNS buffer size
|
|
#
|
|
# edns-outgoing-bufsize=1232
|
|
|
|
#################################
|
|
# edns-subnet-whitelist List of netmasks and domains that we should enable EDNS subnet for
|
|
#
|
|
# edns-subnet-whitelist=
|
|
|
|
#################################
|
|
# entropy-source If set, read entropy from this file
|
|
#
|
|
# entropy-source=/dev/urandom
|
|
|
|
#################################
|
|
# etc-hosts-file Path to 'hosts' file
|
|
#
|
|
# etc-hosts-file=/etc/hosts
|
|
|
|
#################################
|
|
# export-etc-hosts If we should serve up contents from /etc/hosts
|
|
#
|
|
# export-etc-hosts=off
|
|
|
|
#################################
|
|
# export-etc-hosts-search-suffix Also serve up the contents of /etc/hosts with this suffix
|
|
#
|
|
# export-etc-hosts-search-suffix=
|
|
|
|
#################################
|
|
# forward-zones Zones for which we forward queries, comma separated domain=ip pairs
|
|
#
|
|
# forward-zones=
|
|
|
|
#################################
|
|
# forward-zones-file File with (+)domain=ip pairs for forwarding
|
|
#
|
|
# forward-zones-file=
|
|
|
|
#################################
|
|
# forward-zones-recurse Zones for which we forward queries with recursion bit, comma separated domain=ip pairs
|
|
#
|
|
# forward-zones-recurse=
|
|
|
|
#################################
|
|
# gettag-needs-edns-options If EDNS Options should be extracted before calling the gettag() hook
|
|
#
|
|
# gettag-needs-edns-options=no
|
|
|
|
#################################
|
|
# hint-file If set, load root hints from this file
|
|
#
|
|
# hint-file=
|
|
|
|
#################################
|
|
# include-dir Include *.conf files from this directory
|
|
#
|
|
# include-dir=
|
|
|
|
#################################
|
|
# latency-statistic-size Number of latency values to calculate the qa-latency average
|
|
#
|
|
# latency-statistic-size=10000
|
|
|
|
#################################
|
|
# local-address IP addresses to listen on, separated by spaces or commas. Also accepts ports.
|
|
#
|
|
# local-address=127.0.0.1
|
|
|
|
#################################
|
|
# local-port port to listen on
|
|
#
|
|
# local-port=53
|
|
|
|
#################################
|
|
# log-common-errors If we should log rather common errors
|
|
#
|
|
# log-common-errors=no
|
|
|
|
#################################
|
|
# log-rpz-changes Log additions and removals to RPZ zones at Info level
|
|
#
|
|
# log-rpz-changes=no
|
|
|
|
#################################
|
|
# log-timestamp Print timestamps in log lines, useful to disable when running with a tool that timestamps stdout already
|
|
#
|
|
# log-timestamp=yes
|
|
|
|
#################################
|
|
# logging-facility Facility to log messages as. 0 corresponds to local0
|
|
#
|
|
# logging-facility=
|
|
|
|
#################################
|
|
# loglevel Amount of logging. Higher is more. Do not set below 3
|
|
#
|
|
# loglevel=6
|
|
|
|
#################################
|
|
# lowercase-outgoing Force outgoing questions to lowercase
|
|
#
|
|
# lowercase-outgoing=no
|
|
|
|
#################################
|
|
# lua-config-file More powerful configuration options
|
|
#
|
|
# lua-config-file=
|
|
|
|
#################################
|
|
# lua-dns-script Filename containing an optional 'lua' script that will be used to modify dns answers
|
|
#
|
|
# lua-dns-script=
|
|
|
|
#################################
|
|
# lua-maintenance-interval Number of seconds between calls to the lua user defined maintenance() function
|
|
#
|
|
# lua-maintenance-interval=1
|
|
|
|
#################################
|
|
# max-cache-bogus-ttl maximum number of seconds to keep a Bogus (positive or negative) cached entry in memory
|
|
#
|
|
# max-cache-bogus-ttl=3600
|
|
|
|
#################################
|
|
# max-cache-entries If set, maximum number of entries in the main cache
|
|
#
|
|
# max-cache-entries=1000000
|
|
|
|
#################################
|
|
# max-cache-ttl maximum number of seconds to keep a cached entry in memory
|
|
#
|
|
# max-cache-ttl=86400
|
|
|
|
#################################
|
|
# max-mthreads Maximum number of simultaneous Mtasker threads
|
|
#
|
|
# max-mthreads=2048
|
|
|
|
#################################
|
|
# max-negative-ttl maximum number of seconds to keep a negative cached entry in memory
|
|
#
|
|
# max-negative-ttl=3600
|
|
|
|
#################################
|
|
# max-packetcache-entries maximum number of entries to keep in the packetcache
|
|
#
|
|
# max-packetcache-entries=500000
|
|
|
|
#################################
|
|
# max-qperq Maximum outgoing queries per query
|
|
#
|
|
# max-qperq=50
|
|
|
|
#################################
|
|
# max-recursion-depth Maximum number of internal recursion calls per query, 0 for unlimited
|
|
#
|
|
# max-recursion-depth=40
|
|
|
|
#################################
|
|
# max-tcp-clients Maximum number of simultaneous TCP clients
|
|
#
|
|
# max-tcp-clients=128
|
|
|
|
#################################
|
|
# max-tcp-per-client If set, maximum number of TCP sessions per client (IP address)
|
|
#
|
|
# max-tcp-per-client=0
|
|
|
|
#################################
|
|
# max-tcp-queries-per-connection If set, maximum number of TCP queries in a TCP connection
|
|
#
|
|
# max-tcp-queries-per-connection=0
|
|
|
|
#################################
|
|
# max-total-msec Maximum total wall-clock time per query in milliseconds, 0 for unlimited
|
|
#
|
|
# max-total-msec=7000
|
|
|
|
#################################
|
|
# max-udp-queries-per-round Maximum number of UDP queries processed per recvmsg() round, before returning back to normal processing
|
|
#
|
|
# max-udp-queries-per-round=10000
|
|
|
|
#################################
|
|
# minimum-ttl-override Set under adverse conditions, a minimum TTL
|
|
#
|
|
# minimum-ttl-override=0
|
|
|
|
#################################
|
|
# network-timeout Wait this number of milliseconds for network i/o
|
|
#
|
|
# network-timeout=1500
|
|
|
|
#################################
|
|
# no-shuffle Don't change
|
|
#
|
|
# no-shuffle=off
|
|
|
|
#################################
|
|
# non-local-bind Enable binding to non-local addresses by using FREEBIND / BINDANY socket options
|
|
#
|
|
# non-local-bind=no
|
|
|
|
#################################
|
|
# nsec3-max-iterations Maximum number of iterations allowed for an NSEC3 record
|
|
#
|
|
# nsec3-max-iterations=2500
|
|
|
|
#################################
|
|
# packetcache-servfail-ttl maximum number of seconds to keep a cached servfail entry in packetcache
|
|
#
|
|
# packetcache-servfail-ttl=60
|
|
|
|
#################################
|
|
# packetcache-ttl maximum number of seconds to keep a cached entry in packetcache
|
|
#
|
|
# packetcache-ttl=3600
|
|
|
|
#################################
|
|
# pdns-distributes-queries If PowerDNS itself should distribute queries over threads
|
|
#
|
|
# pdns-distributes-queries=yes
|
|
|
|
#################################
|
|
# processes Launch this number of processes (EXPERIMENTAL, DO NOT CHANGE)
|
|
#
|
|
# processes=1
|
|
|
|
#################################
|
|
# protobuf-use-kernel-timestamp Compute the latency of queries in protobuf messages by using the timestamp set by the kernel when the query was received (when available)
|
|
#
|
|
# protobuf-use-kernel-timestamp=
|
|
|
|
#################################
|
|
# public-suffix-list-file Path to the Public Suffix List file, if any
|
|
#
|
|
# public-suffix-list-file=
|
|
|
|
#################################
|
|
# query-local-address Source IP address for sending queries
|
|
#
|
|
# query-local-address=0.0.0.0
|
|
|
|
#################################
|
|
# query-local-address6 Source IPv6 address for sending queries. IF UNSET, IPv6 WILL NOT BE USED FOR OUTGOING QUERIES
|
|
#
|
|
# query-local-address6=
|
|
|
|
#################################
|
|
# quiet Suppress logging of questions and answers
|
|
#
|
|
# quiet=
|
|
|
|
#################################
|
|
# reuseport Enable SO_REUSEPORT allowing multiple recursors processes to listen to 1 address
|
|
#
|
|
# reuseport=no
|
|
|
|
#################################
|
|
# rng Specify random number generator to use. Valid values are auto,sodium,openssl,getrandom,arc4random,urandom.
|
|
#
|
|
# rng=auto
|
|
|
|
#################################
|
|
# root-nx-trust If set, believe that an NXDOMAIN from the root means the TLD does not exist
|
|
#
|
|
# root-nx-trust=yes
|
|
|
|
#################################
|
|
# security-poll-suffix Domain name from which to query security update notifications
|
|
#
|
|
# security-poll-suffix=secpoll.powerdns.com.
|
|
|
|
#################################
|
|
# serve-rfc1918 If we should be authoritative for RFC 1918 private IP space
|
|
#
|
|
# serve-rfc1918=yes
|
|
|
|
#################################
|
|
# server-down-max-fails Maximum number of consecutive timeouts (and unreachables) to mark a server as down ( 0 => disabled )
|
|
#
|
|
# server-down-max-fails=64
|
|
|
|
#################################
|
|
# server-down-throttle-time Number of seconds to throttle all queries to a server after being marked as down
|
|
#
|
|
# server-down-throttle-time=60
|
|
|
|
#################################
|
|
# server-id Returned when queried for 'id.server' TXT or NSID, defaults to hostname, set custom or 'disabled'
|
|
#
|
|
# server-id=
|
|
|
|
#################################
|
|
# setgid If set, change group id to this gid for more security
|
|
#
|
|
# setgid=
|
|
|
|
#################################
|
|
# setuid If set, change user id to this uid for more security
|
|
#
|
|
# setuid=
|
|
|
|
#################################
|
|
# signature-inception-skew Allow the signature inception to be off by this number of seconds
|
|
#
|
|
# signature-inception-skew=60
|
|
|
|
#################################
|
|
# single-socket If set, only use a single socket for outgoing queries
|
|
#
|
|
# single-socket=off
|
|
|
|
#################################
|
|
# snmp-agent If set, register as an SNMP agent
|
|
#
|
|
# snmp-agent=no
|
|
|
|
#################################
|
|
# snmp-master-socket If set and snmp-agent is set, the socket to use to register to the SNMP master
|
|
#
|
|
# snmp-master-socket=
|
|
|
|
#################################
|
|
# soa-minimum-ttl Don't change
|
|
#
|
|
# soa-minimum-ttl=0
|
|
|
|
#################################
|
|
# socket-dir Where the controlsocket will live, /var/run when unset and not chrooted
|
|
#
|
|
# socket-dir=
|
|
|
|
#################################
|
|
# socket-group Group of socket
|
|
#
|
|
# socket-group=
|
|
|
|
#################################
|
|
# socket-mode Permissions for socket
|
|
#
|
|
# socket-mode=
|
|
|
|
#################################
|
|
# socket-owner Owner of socket
|
|
#
|
|
# socket-owner=
|
|
|
|
#################################
|
|
# spoof-nearmiss-max If non-zero, assume spoofing after this many near misses
|
|
#
|
|
# spoof-nearmiss-max=20
|
|
|
|
#################################
|
|
# stack-size stack size per mthread
|
|
#
|
|
# stack-size=200000
|
|
|
|
#################################
|
|
# statistics-interval Number of seconds between printing of recursor statistics, 0 to disable
|
|
#
|
|
# statistics-interval=1800
|
|
|
|
#################################
|
|
# stats-api-blacklist List of statistics that are disabled when retrieving the complete list of statistics via the API
|
|
#
|
|
# stats-api-blacklist=cache-bytes, packetcache-bytes, special-memory-usage, ecs-v4-response-bits-1, ecs-v4-response-bits-2, ecs-v4-response-bits-3, ecs-v4-response-bits-4, ecs-v4-response-bits-5, ecs-v4-response-bits-6, ecs-v4-response-bits-7, ecs-v4-response-bits-8, ecs-v4-response-bits-9, ecs-v4-response-bits-10, ecs-v4-response-bits-11, ecs-v4-response-bits-12, ecs-v4-response-bits-13, ecs-v4-response-bits-14, ecs-v4-response-bits-15, ecs-v4-response-bits-16, ecs-v4-response-bits-17, ecs-v4-response-bits-18, ecs-v4-response-bits-19, ecs-v4-response-bits-20, ecs-v4-response-bits-21, ecs-v4-response-bits-22, ecs-v4-response-bits-23, ecs-v4-response-bits-24, ecs-v4-response-bits-25, ecs-v4-response-bits-26, ecs-v4-response-bits-27, ecs-v4-response-bits-28, ecs-v4-response-bits-29, ecs-v4-response-bits-30, ecs-v4-response-bits-31, ecs-v4-response-bits-32, ecs-v6-response-bits-1, ecs-v6-response-bits-2, ecs-v6-response-bits-3, ecs-v6-response-bits-4, ecs-v6-response-bits-5, ecs-v6-response-bits-6, ecs-v6-response-bits-7, ecs-v6-response-bits-8, ecs-v6-response-bits-9, ecs-v6-response-bits-10, ecs-v6-response-bits-11, ecs-v6-response-bits-12, ecs-v6-response-bits-13, ecs-v6-response-bits-14, ecs-v6-response-bits-15, ecs-v6-response-bits-16, ecs-v6-response-bits-17, ecs-v6-response-bits-18, ecs-v6-response-bits-19, ecs-v6-response-bits-20, ecs-v6-response-bits-21, ecs-v6-response-bits-22, ecs-v6-response-bits-23, ecs-v6-response-bits-24, ecs-v6-response-bits-25, ecs-v6-response-bits-26, ecs-v6-response-bits-27, ecs-v6-response-bits-28, ecs-v6-response-bits-29, ecs-v6-response-bits-30, ecs-v6-response-bits-31, ecs-v6-response-bits-32, ecs-v6-response-bits-33, ecs-v6-response-bits-34, ecs-v6-response-bits-35, ecs-v6-response-bits-36, ecs-v6-response-bits-37, ecs-v6-response-bits-38, ecs-v6-response-bits-39, ecs-v6-response-bits-40, ecs-v6-response-bits-41, ecs-v6-response-bits-42, ecs-v6-response-bits-43, ecs-v6-response-bits-44, ecs-v6-response-bits-45, ecs-v6-response-bits-46, ecs-v6-response-bits-47, ecs-v6-response-bits-48, ecs-v6-response-bits-49, ecs-v6-response-bits-50, ecs-v6-response-bits-51, ecs-v6-response-bits-52, ecs-v6-response-bits-53, ecs-v6-response-bits-54, ecs-v6-response-bits-55, ecs-v6-response-bits-56, ecs-v6-response-bits-57, ecs-v6-response-bits-58, ecs-v6-response-bits-59, ecs-v6-response-bits-60, ecs-v6-response-bits-61, ecs-v6-response-bits-62, ecs-v6-response-bits-63, ecs-v6-response-bits-64, ecs-v6-response-bits-65, ecs-v6-response-bits-66, ecs-v6-response-bits-67, ecs-v6-response-bits-68, ecs-v6-response-bits-69, ecs-v6-response-bits-70, ecs-v6-response-bits-71, ecs-v6-response-bits-72, ecs-v6-response-bits-73, ecs-v6-response-bits-74, ecs-v6-response-bits-75, ecs-v6-response-bits-76, ecs-v6-response-bits-77, ecs-v6-response-bits-78, ecs-v6-response-bits-79, ecs-v6-response-bits-80, ecs-v6-response-bits-81, ecs-v6-response-bits-82, ecs-v6-response-bits-83, ecs-v6-response-bits-84, ecs-v6-response-bits-85, ecs-v6-response-bits-86, ecs-v6-response-bits-87, ecs-v6-response-bits-88, ecs-v6-response-bits-89, ecs-v6-response-bits-90, ecs-v6-response-bits-91, ecs-v6-response-bits-92, ecs-v6-response-bits-93, ecs-v6-response-bits-94, ecs-v6-response-bits-95, ecs-v6-response-bits-96, ecs-v6-response-bits-97, ecs-v6-response-bits-98, ecs-v6-response-bits-99, ecs-v6-response-bits-100, ecs-v6-response-bits-101, ecs-v6-response-bits-102, ecs-v6-response-bits-103, ecs-v6-response-bits-104, ecs-v6-response-bits-105, ecs-v6-response-bits-106, ecs-v6-response-bits-107, ecs-v6-response-bits-108, ecs-v6-response-bits-109, ecs-v6-response-bits-110, ecs-v6-response-bits-111, ecs-v6-response-bits-112, ecs-v6-response-bits-113, ecs-v6-response-bits-114, ecs-v6-response-bits-115, ecs-v6-response-bits-116, ecs-v6-response-bits-117, ecs-v6-response-bits-118, ecs-v6-response-bits-119, ecs-v6-response-bits-120, ecs-v6-response-bits-121, ecs-v6-response-bits-122, ecs-v6-response-bits-123, ecs-v6-response-bits-124, ecs-v6-response-bits-125, ecs-v6-response-bits-126, ecs-v6-response-bits-127, ecs-v6-response-bits-128
|
|
|
|
#################################
|
|
# stats-carbon-blacklist List of statistics that are prevented from being exported via Carbon
|
|
#
|
|
# stats-carbon-blacklist=cache-bytes, packetcache-bytes, special-memory-usage, ecs-v4-response-bits-1, ecs-v4-response-bits-2, ecs-v4-response-bits-3, ecs-v4-response-bits-4, ecs-v4-response-bits-5, ecs-v4-response-bits-6, ecs-v4-response-bits-7, ecs-v4-response-bits-8, ecs-v4-response-bits-9, ecs-v4-response-bits-10, ecs-v4-response-bits-11, ecs-v4-response-bits-12, ecs-v4-response-bits-13, ecs-v4-response-bits-14, ecs-v4-response-bits-15, ecs-v4-response-bits-16, ecs-v4-response-bits-17, ecs-v4-response-bits-18, ecs-v4-response-bits-19, ecs-v4-response-bits-20, ecs-v4-response-bits-21, ecs-v4-response-bits-22, ecs-v4-response-bits-23, ecs-v4-response-bits-24, ecs-v4-response-bits-25, ecs-v4-response-bits-26, ecs-v4-response-bits-27, ecs-v4-response-bits-28, ecs-v4-response-bits-29, ecs-v4-response-bits-30, ecs-v4-response-bits-31, ecs-v4-response-bits-32, ecs-v6-response-bits-1, ecs-v6-response-bits-2, ecs-v6-response-bits-3, ecs-v6-response-bits-4, ecs-v6-response-bits-5, ecs-v6-response-bits-6, ecs-v6-response-bits-7, ecs-v6-response-bits-8, ecs-v6-response-bits-9, ecs-v6-response-bits-10, ecs-v6-response-bits-11, ecs-v6-response-bits-12, ecs-v6-response-bits-13, ecs-v6-response-bits-14, ecs-v6-response-bits-15, ecs-v6-response-bits-16, ecs-v6-response-bits-17, ecs-v6-response-bits-18, ecs-v6-response-bits-19, ecs-v6-response-bits-20, ecs-v6-response-bits-21, ecs-v6-response-bits-22, ecs-v6-response-bits-23, ecs-v6-response-bits-24, ecs-v6-response-bits-25, ecs-v6-response-bits-26, ecs-v6-response-bits-27, ecs-v6-response-bits-28, ecs-v6-response-bits-29, ecs-v6-response-bits-30, ecs-v6-response-bits-31, ecs-v6-response-bits-32, ecs-v6-response-bits-33, ecs-v6-response-bits-34, ecs-v6-response-bits-35, ecs-v6-response-bits-36, ecs-v6-response-bits-37, ecs-v6-response-bits-38, ecs-v6-response-bits-39, ecs-v6-response-bits-40, ecs-v6-response-bits-41, ecs-v6-response-bits-42, ecs-v6-response-bits-43, ecs-v6-response-bits-44, ecs-v6-response-bits-45, ecs-v6-response-bits-46, ecs-v6-response-bits-47, ecs-v6-response-bits-48, ecs-v6-response-bits-49, ecs-v6-response-bits-50, ecs-v6-response-bits-51, ecs-v6-response-bits-52, ecs-v6-response-bits-53, ecs-v6-response-bits-54, ecs-v6-response-bits-55, ecs-v6-response-bits-56, ecs-v6-response-bits-57, ecs-v6-response-bits-58, ecs-v6-response-bits-59, ecs-v6-response-bits-60, ecs-v6-response-bits-61, ecs-v6-response-bits-62, ecs-v6-response-bits-63, ecs-v6-response-bits-64, ecs-v6-response-bits-65, ecs-v6-response-bits-66, ecs-v6-response-bits-67, ecs-v6-response-bits-68, ecs-v6-response-bits-69, ecs-v6-response-bits-70, ecs-v6-response-bits-71, ecs-v6-response-bits-72, ecs-v6-response-bits-73, ecs-v6-response-bits-74, ecs-v6-response-bits-75, ecs-v6-response-bits-76, ecs-v6-response-bits-77, ecs-v6-response-bits-78, ecs-v6-response-bits-79, ecs-v6-response-bits-80, ecs-v6-response-bits-81, ecs-v6-response-bits-82, ecs-v6-response-bits-83, ecs-v6-response-bits-84, ecs-v6-response-bits-85, ecs-v6-response-bits-86, ecs-v6-response-bits-87, ecs-v6-response-bits-88, ecs-v6-response-bits-89, ecs-v6-response-bits-90, ecs-v6-response-bits-91, ecs-v6-response-bits-92, ecs-v6-response-bits-93, ecs-v6-response-bits-94, ecs-v6-response-bits-95, ecs-v6-response-bits-96, ecs-v6-response-bits-97, ecs-v6-response-bits-98, ecs-v6-response-bits-99, ecs-v6-response-bits-100, ecs-v6-response-bits-101, ecs-v6-response-bits-102, ecs-v6-response-bits-103, ecs-v6-response-bits-104, ecs-v6-response-bits-105, ecs-v6-response-bits-106, ecs-v6-response-bits-107, ecs-v6-response-bits-108, ecs-v6-response-bits-109, ecs-v6-response-bits-110, ecs-v6-response-bits-111, ecs-v6-response-bits-112, ecs-v6-response-bits-113, ecs-v6-response-bits-114, ecs-v6-response-bits-115, ecs-v6-response-bits-116, ecs-v6-response-bits-117, ecs-v6-response-bits-118, ecs-v6-response-bits-119, ecs-v6-response-bits-120, ecs-v6-response-bits-121, ecs-v6-response-bits-122, ecs-v6-response-bits-123, ecs-v6-response-bits-124, ecs-v6-response-bits-125, ecs-v6-response-bits-126, ecs-v6-response-bits-127, ecs-v6-response-bits-128
|
|
|
|
#################################
|
|
# stats-rec-control-blacklist List of statistics that are prevented from being exported via rec_control get-all
|
|
#
|
|
# stats-rec-control-blacklist=cache-bytes, packetcache-bytes, special-memory-usage, ecs-v4-response-bits-1, ecs-v4-response-bits-2, ecs-v4-response-bits-3, ecs-v4-response-bits-4, ecs-v4-response-bits-5, ecs-v4-response-bits-6, ecs-v4-response-bits-7, ecs-v4-response-bits-8, ecs-v4-response-bits-9, ecs-v4-response-bits-10, ecs-v4-response-bits-11, ecs-v4-response-bits-12, ecs-v4-response-bits-13, ecs-v4-response-bits-14, ecs-v4-response-bits-15, ecs-v4-response-bits-16, ecs-v4-response-bits-17, ecs-v4-response-bits-18, ecs-v4-response-bits-19, ecs-v4-response-bits-20, ecs-v4-response-bits-21, ecs-v4-response-bits-22, ecs-v4-response-bits-23, ecs-v4-response-bits-24, ecs-v4-response-bits-25, ecs-v4-response-bits-26, ecs-v4-response-bits-27, ecs-v4-response-bits-28, ecs-v4-response-bits-29, ecs-v4-response-bits-30, ecs-v4-response-bits-31, ecs-v4-response-bits-32, ecs-v6-response-bits-1, ecs-v6-response-bits-2, ecs-v6-response-bits-3, ecs-v6-response-bits-4, ecs-v6-response-bits-5, ecs-v6-response-bits-6, ecs-v6-response-bits-7, ecs-v6-response-bits-8, ecs-v6-response-bits-9, ecs-v6-response-bits-10, ecs-v6-response-bits-11, ecs-v6-response-bits-12, ecs-v6-response-bits-13, ecs-v6-response-bits-14, ecs-v6-response-bits-15, ecs-v6-response-bits-16, ecs-v6-response-bits-17, ecs-v6-response-bits-18, ecs-v6-response-bits-19, ecs-v6-response-bits-20, ecs-v6-response-bits-21, ecs-v6-response-bits-22, ecs-v6-response-bits-23, ecs-v6-response-bits-24, ecs-v6-response-bits-25, ecs-v6-response-bits-26, ecs-v6-response-bits-27, ecs-v6-response-bits-28, ecs-v6-response-bits-29, ecs-v6-response-bits-30, ecs-v6-response-bits-31, ecs-v6-response-bits-32, ecs-v6-response-bits-33, ecs-v6-response-bits-34, ecs-v6-response-bits-35, ecs-v6-response-bits-36, ecs-v6-response-bits-37, ecs-v6-response-bits-38, ecs-v6-response-bits-39, ecs-v6-response-bits-40, ecs-v6-response-bits-41, ecs-v6-response-bits-42, ecs-v6-response-bits-43, ecs-v6-response-bits-44, ecs-v6-response-bits-45, ecs-v6-response-bits-46, ecs-v6-response-bits-47, ecs-v6-response-bits-48, ecs-v6-response-bits-49, ecs-v6-response-bits-50, ecs-v6-response-bits-51, ecs-v6-response-bits-52, ecs-v6-response-bits-53, ecs-v6-response-bits-54, ecs-v6-response-bits-55, ecs-v6-response-bits-56, ecs-v6-response-bits-57, ecs-v6-response-bits-58, ecs-v6-response-bits-59, ecs-v6-response-bits-60, ecs-v6-response-bits-61, ecs-v6-response-bits-62, ecs-v6-response-bits-63, ecs-v6-response-bits-64, ecs-v6-response-bits-65, ecs-v6-response-bits-66, ecs-v6-response-bits-67, ecs-v6-response-bits-68, ecs-v6-response-bits-69, ecs-v6-response-bits-70, ecs-v6-response-bits-71, ecs-v6-response-bits-72, ecs-v6-response-bits-73, ecs-v6-response-bits-74, ecs-v6-response-bits-75, ecs-v6-response-bits-76, ecs-v6-response-bits-77, ecs-v6-response-bits-78, ecs-v6-response-bits-79, ecs-v6-response-bits-80, ecs-v6-response-bits-81, ecs-v6-response-bits-82, ecs-v6-response-bits-83, ecs-v6-response-bits-84, ecs-v6-response-bits-85, ecs-v6-response-bits-86, ecs-v6-response-bits-87, ecs-v6-response-bits-88, ecs-v6-response-bits-89, ecs-v6-response-bits-90, ecs-v6-response-bits-91, ecs-v6-response-bits-92, ecs-v6-response-bits-93, ecs-v6-response-bits-94, ecs-v6-response-bits-95, ecs-v6-response-bits-96, ecs-v6-response-bits-97, ecs-v6-response-bits-98, ecs-v6-response-bits-99, ecs-v6-response-bits-100, ecs-v6-response-bits-101, ecs-v6-response-bits-102, ecs-v6-response-bits-103, ecs-v6-response-bits-104, ecs-v6-response-bits-105, ecs-v6-response-bits-106, ecs-v6-response-bits-107, ecs-v6-response-bits-108, ecs-v6-response-bits-109, ecs-v6-response-bits-110, ecs-v6-response-bits-111, ecs-v6-response-bits-112, ecs-v6-response-bits-113, ecs-v6-response-bits-114, ecs-v6-response-bits-115, ecs-v6-response-bits-116, ecs-v6-response-bits-117, ecs-v6-response-bits-118, ecs-v6-response-bits-119, ecs-v6-response-bits-120, ecs-v6-response-bits-121, ecs-v6-response-bits-122, ecs-v6-response-bits-123, ecs-v6-response-bits-124, ecs-v6-response-bits-125, ecs-v6-response-bits-126, ecs-v6-response-bits-127, ecs-v6-response-bits-128
|
|
|
|
#################################
|
|
# stats-ringbuffer-entries maximum number of packets to store statistics for
|
|
#
|
|
# stats-ringbuffer-entries=10000
|
|
|
|
#################################
|
|
# stats-snmp-blacklist List of statistics that are prevented from being exported via SNMP
|
|
#
|
|
# stats-snmp-blacklist=cache-bytes, packetcache-bytes, special-memory-usage, ecs-v4-response-bits-1, ecs-v4-response-bits-2, ecs-v4-response-bits-3, ecs-v4-response-bits-4, ecs-v4-response-bits-5, ecs-v4-response-bits-6, ecs-v4-response-bits-7, ecs-v4-response-bits-8, ecs-v4-response-bits-9, ecs-v4-response-bits-10, ecs-v4-response-bits-11, ecs-v4-response-bits-12, ecs-v4-response-bits-13, ecs-v4-response-bits-14, ecs-v4-response-bits-15, ecs-v4-response-bits-16, ecs-v4-response-bits-17, ecs-v4-response-bits-18, ecs-v4-response-bits-19, ecs-v4-response-bits-20, ecs-v4-response-bits-21, ecs-v4-response-bits-22, ecs-v4-response-bits-23, ecs-v4-response-bits-24, ecs-v4-response-bits-25, ecs-v4-response-bits-26, ecs-v4-response-bits-27, ecs-v4-response-bits-28, ecs-v4-response-bits-29, ecs-v4-response-bits-30, ecs-v4-response-bits-31, ecs-v4-response-bits-32, ecs-v6-response-bits-1, ecs-v6-response-bits-2, ecs-v6-response-bits-3, ecs-v6-response-bits-4, ecs-v6-response-bits-5, ecs-v6-response-bits-6, ecs-v6-response-bits-7, ecs-v6-response-bits-8, ecs-v6-response-bits-9, ecs-v6-response-bits-10, ecs-v6-response-bits-11, ecs-v6-response-bits-12, ecs-v6-response-bits-13, ecs-v6-response-bits-14, ecs-v6-response-bits-15, ecs-v6-response-bits-16, ecs-v6-response-bits-17, ecs-v6-response-bits-18, ecs-v6-response-bits-19, ecs-v6-response-bits-20, ecs-v6-response-bits-21, ecs-v6-response-bits-22, ecs-v6-response-bits-23, ecs-v6-response-bits-24, ecs-v6-response-bits-25, ecs-v6-response-bits-26, ecs-v6-response-bits-27, ecs-v6-response-bits-28, ecs-v6-response-bits-29, ecs-v6-response-bits-30, ecs-v6-response-bits-31, ecs-v6-response-bits-32, ecs-v6-response-bits-33, ecs-v6-response-bits-34, ecs-v6-response-bits-35, ecs-v6-response-bits-36, ecs-v6-response-bits-37, ecs-v6-response-bits-38, ecs-v6-response-bits-39, ecs-v6-response-bits-40, ecs-v6-response-bits-41, ecs-v6-response-bits-42, ecs-v6-response-bits-43, ecs-v6-response-bits-44, ecs-v6-response-bits-45, ecs-v6-response-bits-46, ecs-v6-response-bits-47, ecs-v6-response-bits-48, ecs-v6-response-bits-49, ecs-v6-response-bits-50, ecs-v6-response-bits-51, ecs-v6-response-bits-52, ecs-v6-response-bits-53, ecs-v6-response-bits-54, ecs-v6-response-bits-55, ecs-v6-response-bits-56, ecs-v6-response-bits-57, ecs-v6-response-bits-58, ecs-v6-response-bits-59, ecs-v6-response-bits-60, ecs-v6-response-bits-61, ecs-v6-response-bits-62, ecs-v6-response-bits-63, ecs-v6-response-bits-64, ecs-v6-response-bits-65, ecs-v6-response-bits-66, ecs-v6-response-bits-67, ecs-v6-response-bits-68, ecs-v6-response-bits-69, ecs-v6-response-bits-70, ecs-v6-response-bits-71, ecs-v6-response-bits-72, ecs-v6-response-bits-73, ecs-v6-response-bits-74, ecs-v6-response-bits-75, ecs-v6-response-bits-76, ecs-v6-response-bits-77, ecs-v6-response-bits-78, ecs-v6-response-bits-79, ecs-v6-response-bits-80, ecs-v6-response-bits-81, ecs-v6-response-bits-82, ecs-v6-response-bits-83, ecs-v6-response-bits-84, ecs-v6-response-bits-85, ecs-v6-response-bits-86, ecs-v6-response-bits-87, ecs-v6-response-bits-88, ecs-v6-response-bits-89, ecs-v6-response-bits-90, ecs-v6-response-bits-91, ecs-v6-response-bits-92, ecs-v6-response-bits-93, ecs-v6-response-bits-94, ecs-v6-response-bits-95, ecs-v6-response-bits-96, ecs-v6-response-bits-97, ecs-v6-response-bits-98, ecs-v6-response-bits-99, ecs-v6-response-bits-100, ecs-v6-response-bits-101, ecs-v6-response-bits-102, ecs-v6-response-bits-103, ecs-v6-response-bits-104, ecs-v6-response-bits-105, ecs-v6-response-bits-106, ecs-v6-response-bits-107, ecs-v6-response-bits-108, ecs-v6-response-bits-109, ecs-v6-response-bits-110, ecs-v6-response-bits-111, ecs-v6-response-bits-112, ecs-v6-response-bits-113, ecs-v6-response-bits-114, ecs-v6-response-bits-115, ecs-v6-response-bits-116, ecs-v6-response-bits-117, ecs-v6-response-bits-118, ecs-v6-response-bits-119, ecs-v6-response-bits-120, ecs-v6-response-bits-121, ecs-v6-response-bits-122, ecs-v6-response-bits-123, ecs-v6-response-bits-124, ecs-v6-response-bits-125, ecs-v6-response-bits-126, ecs-v6-response-bits-127, ecs-v6-response-bits-128
|
|
|
|
#################################
|
|
# tcp-fast-open Enable TCP Fast Open support on the listening sockets, using the supplied numerical value as the queue size
|
|
#
|
|
# tcp-fast-open=0
|
|
|
|
#################################
|
|
# threads Launch this number of threads
|
|
#
|
|
# threads=2
|
|
|
|
#################################
|
|
# trace if we should output heaps of logging. set to 'fail' to only log failing domains
|
|
#
|
|
# trace=off
|
|
|
|
#################################
|
|
# udp-source-port-avoid List of comma separated UDP port number to avoid
|
|
#
|
|
# udp-source-port-avoid=11211
|
|
|
|
#################################
|
|
# udp-source-port-max Maximum UDP port to bind on
|
|
#
|
|
# udp-source-port-max=65535
|
|
|
|
#################################
|
|
# udp-source-port-min Minimum UDP port to bind on
|
|
#
|
|
# udp-source-port-min=1024
|
|
|
|
#################################
|
|
# udp-truncation-threshold Maximum UDP response size before we truncate
|
|
#
|
|
# udp-truncation-threshold=1232
|
|
|
|
#################################
|
|
# use-incoming-edns-subnet Pass along received EDNS Client Subnet information
|
|
#
|
|
# use-incoming-edns-subnet=no
|
|
|
|
#################################
|
|
# version-string string reported on version.pdns or version.bind
|
|
#
|
|
# version-string=PowerDNS Recursor 4.2.0 (built May 18 2019 15:59:49 by jamestk@zanzabar.cybase.for-no-reason.net)
|
|
|
|
#################################
|
|
# webserver Start a webserver (for REST API)
|
|
#
|
|
# webserver=no
|
|
|
|
#################################
|
|
# webserver-address IP Address of webserver to listen on
|
|
#
|
|
# webserver-address=127.0.0.1
|
|
|
|
#################################
|
|
# webserver-allow-from Webserver access is only allowed from these subnets
|
|
#
|
|
# webserver-allow-from=127.0.0.1,::1
|
|
|
|
#################################
|
|
# webserver-loglevel Amount of logging in the webserver (none, normal, detailed)
|
|
#
|
|
# webserver-loglevel=normal
|
|
|
|
#################################
|
|
# webserver-password Password required for accessing the webserver
|
|
#
|
|
# webserver-password=
|
|
|
|
#################################
|
|
# webserver-port Port of webserver to listen on
|
|
#
|
|
# webserver-port=8082
|
|
|
|
#################################
|
|
# write-pid Write a PID file
|
|
#
|
|
# write-pid=yes
|
|
|
|
#################################
|
|
# xpf-allow-from XPF information is only processed from these subnets
|
|
#
|
|
# xpf-allow-from=
|
|
|
|
#################################
|
|
# xpf-rr-code XPF option code to use
|
|
#
|
|
# xpf-rr-code=0
|
|
|
|
|