37 lines
1.1 KiB
Plaintext
37 lines
1.1 KiB
Plaintext
# Unbound configuration file for Debian.
|
|
#
|
|
# See the unbound.conf(5) man page.
|
|
#
|
|
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
|
|
# reference config file.
|
|
#
|
|
# The following line includes additional configuration files from the
|
|
# /etc/unbound/unbound.conf.d directory.
|
|
include-toplevel: "/etc/unbound/unbound.conf.d/*.conf"
|
|
|
|
server:
|
|
# location of the trust anchor file that enables DNSSEC
|
|
# auto-trust-anchor-file: "/var/lib/unbound/root.key"
|
|
# send minimal amount of information to upstream servers to enhance privacy
|
|
qname-minimisation: yes
|
|
# the interface that is used to connect to the network (this will listen to all interfaces)
|
|
interface: 0.0.0.0
|
|
# interface: ::0
|
|
# addresses from the IP range that are allowed to connect to the resolver
|
|
access-control: 192.168.88.0/24 allow
|
|
# allow Tailnet
|
|
access-control: 100.64.0.0/10 allow
|
|
# allow Tailnet IPv6
|
|
access-control: fd7a:115c:a1e0::/48 allow
|
|
|
|
do-ip4: yes
|
|
do-ip6: yes
|
|
do-udp: yes
|
|
do-tcp: yes
|
|
|
|
|
|
remote-control:
|
|
# allows controlling unbound using "unbound-control"
|
|
control-enable: yes
|
|
|