sync with OpenBSD -current
This commit is contained in:
parent
137d408ac1
commit
e0d126d03b
143 changed files with 5355 additions and 3727 deletions
|
@ -1,7 +1,7 @@
|
|||
#
|
||||
# Example configuration file.
|
||||
#
|
||||
# See unbound.conf(5) man page, version 1.19.2.
|
||||
# See unbound.conf(5) man page, version 1.19.3.
|
||||
#
|
||||
# this is a comment.
|
||||
|
||||
|
@ -303,6 +303,7 @@ server:
|
|||
# Choose deny (drop message), refuse (polite error reply),
|
||||
# allow (recursive ok), allow_setrd (recursive ok, rd bit is forced on),
|
||||
# allow_snoop (recursive and nonrecursive ok)
|
||||
# allow_cookie (allow UDP with valid cookie or stateful transport)
|
||||
# deny_non_local (drop queries unless can be answered from local-data)
|
||||
# refuse_non_local (like deny_non_local but polite error reply).
|
||||
# access-control: 127.0.0.0/8 allow
|
||||
|
@ -441,6 +442,9 @@ server:
|
|||
# filtering log-queries and log-replies from the log.
|
||||
# log-tag-queryreply: no
|
||||
|
||||
# log with destination address, port and type for log-replies.
|
||||
# log-destaddr: no
|
||||
|
||||
# log the local-zone actions, like local-zone type inform is enabled
|
||||
# also for the other local zone types.
|
||||
# log-local-actions: no
|
||||
|
@ -983,6 +987,13 @@ server:
|
|||
# if 0(default) it is disabled, otherwise states qps allowed per ip address
|
||||
# ip-ratelimit: 0
|
||||
|
||||
# global query ratelimit for all ip addresses with a valid DNS Cookie.
|
||||
# feature is experimental.
|
||||
# if 0(default) it is disabled, otherwise states qps allowed per ip address
|
||||
# useful in combination with 'allow_cookie'.
|
||||
# If used, suggested to be higher than ip-ratelimit, tenfold.
|
||||
# ip-ratelimit-cookie: 0
|
||||
|
||||
# ip ratelimits are tracked in a cache, size in bytes of cache (or k,m).
|
||||
# ip-ratelimit-size: 4m
|
||||
# ip ratelimit cache slabs, reduces lock contention if equal to cpucount.
|
||||
|
@ -1004,6 +1015,14 @@ server:
|
|||
# the number of servers that will be used in the fast server selection.
|
||||
# fast-server-num: 3
|
||||
|
||||
# reply to requests containing DNS Cookies as specified in RFC 7873 and RFC 9018.
|
||||
# answer-cookie: no
|
||||
|
||||
# secret for DNS Cookie generation.
|
||||
# useful for anycast deployments.
|
||||
# example value "000102030405060708090a0b0c0d0e0f".
|
||||
# cookie-secret: <128 bit random hex string>
|
||||
|
||||
# Enable to attach Extended DNS Error codes (RFC8914) to responses.
|
||||
# ede: no
|
||||
|
||||
|
@ -1150,7 +1169,7 @@ remote-control:
|
|||
# sources of notifies.
|
||||
# auth-zone:
|
||||
# name: "."
|
||||
# primary: 199.9.14.201 # b.root-servers.net
|
||||
# primary: 170.247.170.2 # b.root-servers.net
|
||||
# primary: 192.33.4.12 # c.root-servers.net
|
||||
# primary: 199.7.91.13 # d.root-servers.net
|
||||
# primary: 192.5.5.241 # f.root-servers.net
|
||||
|
@ -1158,7 +1177,7 @@ remote-control:
|
|||
# primary: 193.0.14.129 # k.root-servers.net
|
||||
# primary: 192.0.47.132 # xfr.cjr.dns.icann.org
|
||||
# primary: 192.0.32.132 # xfr.lax.dns.icann.org
|
||||
# primary: 2001:500:200::b # b.root-servers.net
|
||||
# primary: 2801:1b8:10::b # b.root-servers.net
|
||||
# primary: 2001:500:2::c # c.root-servers.net
|
||||
# primary: 2001:500:2d::d # d.root-servers.net
|
||||
# primary: 2001:500:2f::f # f.root-servers.net
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue