2 # Unbound configuration file for IPFire
4 # The full documentation is available at:
5 # https://nlnetlabs.nl/documentation/unbound/unbound.conf/
9 # Common Server Options
11 directory: "/etc/unbound"
16 include: "/etc/unbound/tuning.conf"
23 statistics-interval: 86400
24 extended-statistics: yes
30 # Randomise any cached responses
38 auto-trust-anchor-file: "/var/lib/unbound/root.key"
43 harden-large-queries: yes
44 harden-referral-path: yes
49 tls-cert-bundle: /etc/ssl/certs/ca-bundle.crt
51 # EDNS Buffer Size (#12240)
52 edns-buffer-size: 1232
54 # Harden against DNS cache poisoning
55 unwanted-reply-threshold: 1000000
57 # Listen on all interfaces
58 interface-automatic: yes
61 # Allow access from everywhere
62 access-control: 0.0.0.0/0 allow
64 # Bootstrap root servers
65 root-hints: "/etc/unbound/root.hints"
68 include: "/etc/unbound/dhcp-leases.conf"
71 include: "/etc/unbound/hosts.conf"
73 # Include any forward zones
74 include: "/etc/unbound/forward.conf"
79 control-interface: 127.0.0.1
81 # Import any local configurations
82 include: "/etc/unbound/local.d/*.conf"