|
|
@ -1,4 +1,4 @@ |
|
|
|
# $OpenBSD: unbound.conf,v 1.8 2018/03/29 20:40:22 florian Exp $ |
|
|
|
# $OpenBSD: unbound.conf,v 1.9 2018/12/07 09:21:08 florian Exp $ |
|
|
|
|
|
|
|
server: |
|
|
|
interface: 127.0.0.1 |
|
|
@ -24,14 +24,12 @@ server: |
|
|
|
# |
|
|
|
#qname-minimisation: yes |
|
|
|
|
|
|
|
# Uncomment to enable DNSSEC validation. |
|
|
|
# |
|
|
|
#auto-trust-anchor-file: "/var/unbound/db/root.key" |
|
|
|
# Enable DNSSEC validation. |
|
|
|
auto-trust-anchor-file: "/var/unbound/db/root.key" |
|
|
|
val-log-level: 2 |
|
|
|
|
|
|
|
# Uncomment to synthesize NXDOMAINs from DNSSEC NSEC chains |
|
|
|
# https://tools.ietf.org/html/rfc8198 |
|
|
|
# |
|
|
|
#aggressive-nsec: yes |
|
|
|
# Synthesize NXDOMAINs from DNSSEC NSEC chains. RFC 8198 |
|
|
|
aggressive-nsec: yes |
|
|
|
|
|
|
|
# Serve zones authoritatively from Unbound to resolver clients. |
|
|
|
# Not for external service. |
|
|
|