Skip to content

Instantly share code, notes, and snippets.



Last active May 14, 2021
What would you like to do?
Unbound configuration IPv4 and IPv6
interface: ::0
access-control: allow
access-control: allow
access-control: 2001:db8:dead:beef::/48 allow
# unbound optimisation
num-threads: 4
msg-cache-slabs: 16
rrset-cache-slabs: 16
infra-cache-slabs: 16
key-cache-slabs: 16
outgoing-range: 206
so-rcvbuf: 4m
so-sndbuf: 4m
so-reuseport: yes
rrset-cache-size: 100m
msg-cache-size: 50m
# unbound security
do-ip4: yes
do-ip6: yes
do-udp: yes
do-tcp: yes
cache-max-ttl: 86400
cache-min-ttl: 3600
hide-identity: yes
hide-version: yes
minimal-responses: yes
prefetch: yes
use-caps-for-id: yes
verbosity: 1
harden-glue: yes
harden-dnssec-stripped: yes
# download from
root-hints: "/var/lib/unbound/root.hints"
private-domain: "company.lan"
private-address: 2001:db8:dead:beef::/48
local-data: " IN A"
local-data-ptr: ""
local-data: " IN AAAA 2001:db8:dead:beef::254"
local-data-ptr: "2001:db8:dead:beef::254"
include: "/etc/unbound/unbound.conf.d/*.conf"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment