jbergstroem/unbound.conf

## unbound.conf
server:
	username: jbergstroem
	port: 53
	chroot: ""
	interface: 127.0.0.1
	do-ip4: yes
	do-udp: yes
	do-tcp: yes


	logfile: /var/tmp/unbound.log
	verbosity: 0
	log-queries: no

	prefer-ip6: no

	auto-trust-anchor-file: "/usr/local/etc/unbound/root.key"

	tls-upstream: yes
	tls-cert-bundle: "/usr/local/etc/openssl/cert.pem"

	access-control: 127.0.0.1/8 allow
	access-control: 192.168.0.0/16 allow

	private-address: 192.168.0.0/16
	private-address: 169.254.0.0/16
	private-address: 172.16.0.0/12
	private-address: 10.0.0.0/8
	private-address: fd00::/8
	private-address: fe80::/10

	harden-glue: yes
	harden-dnssec-stripped: yes
	use-caps-for-id: no
	edns-buffer-size: 1472
	prefetch: yes
	num-threads: 1
	so-rcvbuf: 1m
	qname-minimisation: yes
	prefetch: yes
	rrset-roundrobin: yes
	use-caps-for-id: yes

	include: "/Users/jbergstroem/.config/unbound/unbound-nxdomain.blacklist"

forward-zone:
	name: "."
	forward-addr: 1.1.1.1@853
	forward-addr: 1.0.0.1@853
	forward-ssl-upstream: yes
	server:
	username: jbergstroem
	port: 53
	chroot: ""
	interface: 127.0.0.1
	do-ip4: yes
	do-udp: yes
	do-tcp: yes


	logfile: /var/tmp/unbound.log
	verbosity: 0
	log-queries: no

	prefer-ip6: no

	auto-trust-anchor-file: "/usr/local/etc/unbound/root.key"

	tls-upstream: yes
	tls-cert-bundle: "/usr/local/etc/openssl/cert.pem"

	access-control: 127.0.0.1/8 allow
	access-control: 192.168.0.0/16 allow

	private-address: 192.168.0.0/16
	private-address: 169.254.0.0/16
	private-address: 172.16.0.0/12
	private-address: 10.0.0.0/8
	private-address: fd00::/8
	private-address: fe80::/10

	harden-glue: yes
	harden-dnssec-stripped: yes
	use-caps-for-id: no
	edns-buffer-size: 1472
	prefetch: yes
	num-threads: 1
	so-rcvbuf: 1m
	qname-minimisation: yes
	prefetch: yes
	rrset-roundrobin: yes
	use-caps-for-id: yes

	include: "/Users/jbergstroem/.config/unbound/unbound-nxdomain.blacklist"

	forward-zone:
	name: "."
	forward-addr: 1.1.1.1@853
	forward-addr: 1.0.0.1@853
	forward-ssl-upstream: yes