server:
verbosity: 1
statistics-interval: 0
statistics-cumulative: no
extended-statistics: yes
num-threads: 2
interface: 0.0.0.0
interface-automatic: no
so-rcvbuf: 4m
so-sndbuf: 4m
msg-cache-size: 64m
rrset-cache-size: 64m
cache-max-ttl: 600
do-ip4: yes
do-ip6: no
access-control: 10.0.0.0/8 allow
chroot: ""
username: "unbound"
directory: "/etc/unbound"
log-time-ascii: yes
pidfile: "/var/run/unbound/unbound.pid"
hide-identity: yes
harden-glue: yes
harden-dnssec-stripped: yes
harden-below-nxdomain: yes
harden-referral-path: yes
use-caps-for-id: no
unwanted-reply-threshold: 10000000
do-not-query-localhost: no
prefetch: yes
prefetch-key: yes
rrset-roundrobin: yes
minimal-responses: yes
module-config: "iterator"
trusted-keys-file: /etc/unbound/keys.d/*.key
auto-trust-anchor-file: "/var/lib/unbound/root.key"
val-clean-additional: yes
val-permissive-mode: no
val-log-level: 1
local-zone: "google.com" redirect
local-data: "google.com IN A 10.8.128.235"
local-zone: "google.com.hk" redirect
local-data: "google.com.hk IN A 10.8.128.235"
include: /etc/unbound/local.d/*.conf
remote-control:
control-enable: yes
server-key-file: "/etc/unbound/unbound_server.key"
server-cert-file: "/etc/unbound/unbound_server.pem"
control-key-file: "/etc/unbound/unbound_control.key"
control-cert-file: "/etc/unbound/unbound_control.pem"
include: /etc/unbound/conf.d/*.conf
forward-zone:
name:"."
forward-addr:10.8.2.55