{{beinhaltet Abweichungen von der Realität}}

[[Server/freebert]] is gone!

== Hardware ==

Virtualisiert durch [[Server/freebert/FreeBSD]]

== Software ==
* FreeBSD Jail
* unbound (package im userland von freebsd 10)

== Verwendungszweck ==
* DNS Cache Server
(Backup DNS Cache läuft auf Flatbert LXC - Knot)

== JAIL: /etc/rc.conf ==

<source lang=bash>
### <--- Service // ---> ###
local_unbound_enable="YES"
### <--- // Service ---> ###
</source>

== JAIL: /etc/unbound/unbound.conf ==

<source lang=bash>
### ### ### C3D2 ### ### ###
#
server:
### < --- server // --- > ###
verbosity: 0

interface: 172.22.99.51
interface: 2001:4dd0:fb82:c3d2::51

outgoing-interface: 172.22.99.51
outgoing-interface: 2001:4dd0:fb82:c3d2::51
 
access-control: 0.0.0.0/0 allow
access-control: ::/0 allow
 
outgoing-port-permit: 1025-65535
outgoing-port-avoid: 0-1024
 
harden-large-queries: "yes"
harden-short-bufsize: "yes"
 
### statistics-interval: 60

logfile: "/var/unbound/unbound.log"

root-hints: "/var/unbound/named.cache"
auto-trust-anchor-file: "/var/unbound/root.key"

port: 53
 
do-ip4: yes
do-ip6: yes
do-udp: yes
do-tcp: yes

hide-identity: yes
hide-version: yes
harden-glue: yes
harden-dnssec-stripped: yes
 
use-caps-for-id: yes
 
cache-min-ttl: 300
cache-max-ttl: 86400
 
prefetch: yes
num-threads: 2
 
#max-udp-size: 512
edns-buffer-size: 512

# with libevent2
#outgoing-range: 8192
#num-queries-per-thread: 4096
outgoing-range: 32768
num-queries-per-thread: 16384

msg-cache-slabs: 8
rrset-cache-slabs: 8
infra-cache-slabs: 8
key-cache-slabs: 8

rrset-cache-size: 512m
msg-cache-size: 256m
 
so-rcvbuf: 1m
 
unwanted-reply-threshold: 10000
val-clean-additional: yes
### < --- // server --- > ###

python:
 
remote-control:
        control-enable: yes
        control-interface: 127.0.0.1

### < --- c3d2 // --- > ###
forward-zone:
        name: "dn42"
        forward-addr: 172.22.99.1
        forward-addr: 2001:6f8:1194:c3d2::1

stub-zone:
        name: "c3d2.de"
        stub-host: "ns.c3d2.de"
        stub-addr: 89.238.79.221
        #stub-addr: 172.22.99.4

forward-zone:
        name: "99.22.172.in-addr.arpa"
        forward-addr: 172.22.99.1
        forward-addr: 2001:4dd0:fb82:c3d2::1
forward-zone:
        name: "100.22.172.in-addr.arpa"
        forward-addr: 172.22.99.1
        forward-addr: 2001:4dd0:fb82:c3d2::1
forward-zone:
        name: "22.172.in-addr.arpa"
        forward-addr: 172.22.99.1
        forward-addr: 2001:4dd0:fb82:c3d2::1
### < --- // c3d2 --- > ###

# forward-zone:
# name: "."
# forward-addr: 213.73.91.35  # dnscache.berlin.ccc.de
# forward-addr: 74.82.42.42   # Hurricane Electric
# forward-addr: 4.2.2.4       # Level3 Verizon
#
### ### ### C3D2 ### ### ###
# EOF
</source>

== Log ==
* 26.04.2014 - da ohne libevent2, nur 1024 (465 random connections)
* 16.04.2014 - einfaches Basis Setup

[[Kategorie:Infrastruktur]]