From 42831678471140dc9ef791cc89e49f7caaf39ab3 Mon Sep 17 00:00:00 2001
From: "Daniel.plominski"
Date: Sat, 26 Apr 2014 13:03:38 +0000
Subject: [PATCH] =?UTF-8?q?Die=20Seite=20wurde=20neu=20angelegt:=20?= =?UTF-8?q?=E2=80=9E[[Kategorie:Infrastruktur]]=20=20=3D=3D=20Hardware=20I?= =?UTF-8?q?nfo=20=3D=3D=20Virtualisiert=20durch=20[[intern:Freebert]]=20?= =?UTF-8?q?=20=3D=3D=20Software=20Info=20=3D=3D=20FreeBSD=20Jail=20Contain?= =?UTF-8?q?er=20*=20unbound=20(package=20im=20user=E2=80=A6=E2=80=9C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 Server%2Fdnscache.mw | 140 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 140 insertions(+)
 create mode 100644 Server%2Fdnscache.mw
diff --git a/Server%2Fdnscache.mw b/Server%2Fdnscache.mw
new file mode 100644
index 00000000..2837f174
--- /dev/null
+++ b/Server%2Fdnscache.mw
@@ -0,0 +1,140 @@
+[[Kategorie:Infrastruktur]]
+
+== Hardware Info ==
+Virtualisiert durch [[intern:Freebert]]
+
+== Software Info ==
+FreeBSD Jail Container
+* unbound (package im userland von freebsd 10)
+
+== Verwendungszweck ==
+* DNS Cache Server
+(Backup DNS Cache läuft auf Flatbert LXC - Knot)
+
+== JAIL: /etc/rc.conf ==
+
+
+### <--- Service // ---> ###
+local_unbound_enable="YES"
+### <--- // Service ---> ###
+
+
+== JAIL: /etc/unbound/unbound.conf ==
+
+
+### ### ### C3D2 ### ### ###
+#
+server:
+### < --- server // --- > ###
+verbosity: 0
+
+interface: 172.22.99.51
+interface: 2001:4dd0:fb82:c3d2::51
+
+outgoing-interface: 172.22.99.51
+outgoing-interface: 2001:4dd0:fb82:c3d2::51
+
+access-control: 0.0.0.0/0 allow
+access-control: ::/0 allow
+
+outgoing-port-permit: 1025-65535
+outgoing-port-avoid: 0-1024
+
+harden-large-queries: "yes"
+harden-short-bufsize: "yes"
+
+### statistics-interval: 60
+
+logfile: "/var/unbound/unbound.log"
+
+root-hints: "/var/unbound/named.cache"
+auto-trust-anchor-file: "/var/unbound/root.key"
+
+port: 53
+
+do-ip4: yes
+do-ip6: yes
+do-udp: yes
+do-tcp: yes
+
+hide-identity: yes
+hide-version: yes
+harden-glue: yes
+harden-dnssec-stripped: yes
+
+use-caps-for-id: yes
+
+cache-min-ttl: 300
+cache-max-ttl: 86400
+
+prefetch: yes
+num-threads: 2
+
+#max-udp-size: 512
+edns-buffer-size: 512
+
+# with libevent2
+#outgoing-range: 8192
+#num-queries-per-thread: 4096
+outgoing-range: 32768
+num-queries-per-thread: 16384
+
+msg-cache-slabs: 8
+rrset-cache-slabs: 8
+infra-cache-slabs: 8
+key-cache-slabs: 8
+
+rrset-cache-size: 512m
+msg-cache-size: 256m
+
+so-rcvbuf: 1m
+
+unwanted-reply-threshold: 10000
+val-clean-additional: yes
+### < --- // server --- > ###
+
+python:
+
+remote-control:
+ control-enable: yes
+ control-interface: 127.0.0.1
+
+### < --- c3d2 // --- > ###
+forward-zone:
+ name: "dn42"
+ forward-addr: 172.22.99.1
+ forward-addr: 2001:6f8:1194:c3d2::1
+
+stub-zone:
+ name: "c3d2.de"
+ stub-host: "ns.c3d2.de"
+ stub-addr: 89.238.79.221
+ #stub-addr: 172.22.99.4
+
+forward-zone:
+ name: "99.22.172.in-addr.arpa"
+ forward-addr: 172.22.99.1
+ forward-addr: 2001:4dd0:fb82:c3d2::1
+forward-zone:
+ name: "100.22.172.in-addr.arpa"
+ forward-addr: 172.22.99.1
+ forward-addr: 2001:4dd0:fb82:c3d2::1
+forward-zone:
+ name: "22.172.in-addr.arpa"
+ forward-addr: 172.22.99.1
+ forward-addr: 2001:4dd0:fb82:c3d2::1
+### < --- // c3d2 --- > ###
+
+# forward-zone:
+# name: "."
+# forward-addr: 213.73.91.35 # dnscache.berlin.ccc.de
+# forward-addr: 74.82.42.42 # Hurricane Electric
+# forward-addr: 4.2.2.4 # Level3 Verizon
+#
+### ### ### C3D2 ### ### ###
+# EOF
+
+
+== Log ==
+* 26.04.2014 - da ohne libevent2, nur 1024 (465 random connections)
+* 16.04.2014 - einfaches Basis Setup
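Review bot: The documented unbound.conf permits recursion from every source (`access-control: 0.0.0.0/0 allow` and `access-control: ::/0 allow`) while listening on what looks like a globally routable IPv6 address (`interface: 2001:4dd0:fb82:c3d2::51`). Unless a packet filter not shown on this page restricts port 53, the cache is an open resolver that third parties can use for reflection and cache probing. Limit the allow entries to the networks the cache is meant to serve, e.g. `access-control: <served-v4-net>/<len> allow` and `access-control: <served-v6-prefix>/<len> allow` (placeholders, since the page gives no prefix lengths), so unbound's default refuse applies to everything else. It would also help to state on the page where `control-interface: 127.0.0.1` actually binds inside the jail, because a jail without its own loopback address may map 127.0.0.1 to its primary address; this should be confirmed on the host.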