| 123456789101112131415161718192021222324252627282930313233343536373839404142434445 |
- server:
- module-config: "validator iterator"
- #module-config: "dns64 validator iterator"
- #dns64-prefix: 64:ff9b::/96
- interface: 0.0.0.0
- interface: ::0
- interface-automatic: yes
- access-control: 0.0.0.0/0 allow
- access-control: ::0/0 allow
- # Daemon manages keeping this file up to date
- root-hints: "/etc/unbound/root.hints"
- do-udp: yes
- #logfile: /var/log/unbound.log
- #log-queries: yes
- #log-servfail: yes
- #example to allow private records to come from public sources
- #private-domain: "plex.direct"
- # Forward netflix to a local bind instance that doesn't return AAAA records (for tunnelbroker)
- #forward-zone:
- #name: "netflix.com"
- #forward-addr: 127.0.0.1@10053
- # Forward AD domain to DCs
- #forward-zone:
- # name: "ad.domain.com"
- # forward-addr: 10.10.8.2
- # forward-addr: 10.10.8.3
- # Needed for DNS-over-TLS, path may be different for non-Debian
- server:
- tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
- # Forward all requests to CloudFlare DoT. Commenting all this out forces local resolving with root.hints
- forward-zone:
- name: "."
- forward-ssl-upstream: yes
- forward-addr: 1.1.1.1@853#cloudflare-dns.com
- forward-addr: 1.0.0.1@853#cloudflare-dns.com
- #forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
- #forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
-
|
