课程第22次
如果要靠unbound自己解析,不转发:server:
verbosity: 1
statistics-interval: 0
statistics-cumulative: no
extended-statistics: yes
num-threads: 4
interface: 192.168.0.3
interface-automatic: no
so-reuseport: yes
ip-transparent: yes
access-control: 192.168.0.0/24 allow
access-control-view: 192.168.0.0/24abc
chroot: ""
username: "unbound"
directory: "/etc/unbound"
log-time-ascii: yes
pidfile: "/var/run/unbound/unbound.pid"
harden-glue: yes
harden-dnssec-stripped: yes
harden-below-nxdomain: yes
harden-referral-path: yes
unwanted-reply-threshold: 10000000
prefetch: yes
prefetch-key: yes
rrset-roundrobin: yes
minimal-responses: yes
module-config: "ipsecmod validator iterator"
trust-anchor-signaling: yes
trusted-keys-file: /etc/unbound/keys.d/*.key
auto-trust-anchor-file: "/var/lib/unbound/root.key"
domain-insecure: "example.com"
domain-insecure: "0.168.192.in-addr.arpa"
val-clean-additional: yes
val-permissive-mode: no
val-log-level: 1
include: /etc/unbound/local.d/*.conf
ipsecmod-enabled: no
ipsecmod-hook: "/usr/libexec/ipsec/_unbound-hook"
python:
remote-control:
control-enable: yes
server-key-file: "/etc/unbound/unbound_server.key"
server-cert-file: "/etc/unbound/unbound_server.pem"
control-key-file: "/etc/unbound/unbound_control.key"
control-cert-file: "/etc/unbound/unbound_control.pem"
include: /etc/unbound/conf.d/*.conf
view:
name: "abc"
local-zone: "0.168.192.in-addr.arpa."nodefault
local-zone: "example.com." nodefault
local-data: "alading.example.com. IN A 192.168.0.3"
local-data: "dog.example.com. IN A 192.168.0.4"
local-data: "cat.example.com. IN A 192.168.0.5"
local-data-ptr: "192.168.0.3alading.example.com"
local-data-ptr: "192.168.0.4dog.example.com"
local-data-ptr: "192.168.0.5cat.example.com"
------------------------------------------------------------------------------------------------------------------------------
在以上的配置文件里,只有domain-insecure和local-data-ptr域名结尾不用写“.”
页:
[1]