Die Seite wurde neu angelegt: „[[Kategorie:Infrastruktur]] == Hardware Info == Virtualisiert durch [[intern:Freebert]] == Software Info == FreeBSD Jail Container * unbound (package im user…“
This commit is contained in:
parent
7bd737ef09
commit
4283167847
|
@ -0,0 +1,140 @@
|
|||
[[Kategorie:Infrastruktur]]
|
||||
|
||||
== Hardware Info ==
|
||||
Virtualisiert durch [[intern:Freebert]]
|
||||
|
||||
== Software Info ==
|
||||
FreeBSD Jail Container
|
||||
* unbound (package im userland von freebsd 10)
|
||||
|
||||
== Verwendungszweck ==
|
||||
* DNS Cache Server
|
||||
(Backup DNS Cache läuft auf Flatbert LXC - Knot)
|
||||
|
||||
== JAIL: /etc/rc.conf ==
|
||||
|
||||
<source lang=bash>
|
||||
### <--- Service // ---> ###
|
||||
local_unbound_enable="YES"
|
||||
### <--- // Service ---> ###
|
||||
</source>
|
||||
|
||||
== JAIL: /etc/unbound/unbound.conf ==
|
||||
|
||||
<source lang=bash>
|
||||
### ### ### C3D2 ### ### ###
|
||||
#
|
||||
server:
|
||||
### < --- server // --- > ###
|
||||
verbosity: 0
|
||||
|
||||
interface: 172.22.99.51
|
||||
interface: 2001:4dd0:fb82:c3d2::51
|
||||
|
||||
outgoing-interface: 172.22.99.51
|
||||
outgoing-interface: 2001:4dd0:fb82:c3d2::51
|
||||
|
||||
access-control: 0.0.0.0/0 allow
|
||||
access-control: ::/0 allow
|
||||
|
||||
outgoing-port-permit: 1025-65535
|
||||
outgoing-port-avoid: 0-1024
|
||||
|
||||
harden-large-queries: "yes"
|
||||
harden-short-bufsize: "yes"
|
||||
|
||||
### statistics-interval: 60
|
||||
|
||||
logfile: "/var/unbound/unbound.log"
|
||||
|
||||
root-hints: "/var/unbound/named.cache"
|
||||
auto-trust-anchor-file: "/var/unbound/root.key"
|
||||
|
||||
port: 53
|
||||
|
||||
do-ip4: yes
|
||||
do-ip6: yes
|
||||
do-udp: yes
|
||||
do-tcp: yes
|
||||
|
||||
hide-identity: yes
|
||||
hide-version: yes
|
||||
harden-glue: yes
|
||||
harden-dnssec-stripped: yes
|
||||
|
||||
use-caps-for-id: yes
|
||||
|
||||
cache-min-ttl: 300
|
||||
cache-max-ttl: 86400
|
||||
|
||||
prefetch: yes
|
||||
num-threads: 2
|
||||
|
||||
#max-udp-size: 512
|
||||
edns-buffer-size: 512
|
||||
|
||||
# with libevent2
|
||||
#outgoing-range: 8192
|
||||
#num-queries-per-thread: 4096
|
||||
outgoing-range: 32768
|
||||
num-queries-per-thread: 16384
|
||||
|
||||
msg-cache-slabs: 8
|
||||
rrset-cache-slabs: 8
|
||||
infra-cache-slabs: 8
|
||||
key-cache-slabs: 8
|
||||
|
||||
rrset-cache-size: 512m
|
||||
msg-cache-size: 256m
|
||||
|
||||
so-rcvbuf: 1m
|
||||
|
||||
unwanted-reply-threshold: 10000
|
||||
val-clean-additional: yes
|
||||
### < --- // server --- > ###
|
||||
|
||||
python:
|
||||
|
||||
remote-control:
|
||||
control-enable: yes
|
||||
control-interface: 127.0.0.1
|
||||
|
||||
### < --- c3d2 // --- > ###
|
||||
forward-zone:
|
||||
name: "dn42"
|
||||
forward-addr: 172.22.99.1
|
||||
forward-addr: 2001:6f8:1194:c3d2::1
|
||||
|
||||
stub-zone:
|
||||
name: "c3d2.de"
|
||||
stub-host: "ns.c3d2.de"
|
||||
stub-addr: 89.238.79.221
|
||||
#stub-addr: 172.22.99.4
|
||||
|
||||
forward-zone:
|
||||
name: "99.22.172.in-addr.arpa"
|
||||
forward-addr: 172.22.99.1
|
||||
forward-addr: 2001:4dd0:fb82:c3d2::1
|
||||
forward-zone:
|
||||
name: "100.22.172.in-addr.arpa"
|
||||
forward-addr: 172.22.99.1
|
||||
forward-addr: 2001:4dd0:fb82:c3d2::1
|
||||
forward-zone:
|
||||
name: "22.172.in-addr.arpa"
|
||||
forward-addr: 172.22.99.1
|
||||
forward-addr: 2001:4dd0:fb82:c3d2::1
|
||||
### < --- // c3d2 --- > ###
|
||||
|
||||
# forward-zone:
|
||||
# name: "."
|
||||
# forward-addr: 213.73.91.35 # dnscache.berlin.ccc.de
|
||||
# forward-addr: 74.82.42.42 # Hurricane Electric
|
||||
# forward-addr: 4.2.2.4 # Level3 Verizon
|
||||
#
|
||||
### ### ### C3D2 ### ### ###
|
||||
# EOF
|
||||
</source>
|
||||
|
||||
== Log ==
|
||||
* 26.04.2014 - da ohne libevent2, nur 1024 (465 random connections)
|
||||
* 16.04.2014 - einfaches Basis Setup
|
Loading…
Reference in New Issue