Server/dnscache: Unterschied zwischen den Versionen

Aus C3D2
Zur Navigation springen Zur Suche springen
(Die Seite wurde neu angelegt: „Kategorie:Infrastruktur == Hardware Info == Virtualisiert durch intern:Freebert == Software Info == FreeBSD Jail Container * unbound (package im user…“)
(kein Unterschied)

Version vom 26. April 2014, 13:03 Uhr


Hardware Info

Virtualisiert durch intern:Freebert

Software Info

FreeBSD Jail Container

  • unbound (package im userland von freebsd 10)

Verwendungszweck

  • DNS Cache Server

(Backup DNS Cache läuft auf Flatbert LXC - Knot)

JAIL: /etc/rc.conf

### <--- Service // ---> ###
local_unbound_enable="YES"
### <--- // Service ---> ###

JAIL: /etc/unbound/unbound.conf

### ### ### C3D2 ### ### ###
#
server:
### < --- server // --- > ###
verbosity: 0

interface: 172.22.99.51
interface: 2001:4dd0:fb82:c3d2::51

outgoing-interface: 172.22.99.51
outgoing-interface: 2001:4dd0:fb82:c3d2::51
 
access-control: 0.0.0.0/0 allow
access-control: ::/0 allow
 
outgoing-port-permit: 1025-65535
outgoing-port-avoid: 0-1024
 
harden-large-queries: "yes"
harden-short-bufsize: "yes"
 
### statistics-interval: 60

logfile: "/var/unbound/unbound.log"

root-hints: "/var/unbound/named.cache"
auto-trust-anchor-file: "/var/unbound/root.key"

port: 53
 
do-ip4: yes
do-ip6: yes
do-udp: yes
do-tcp: yes

hide-identity: yes
hide-version: yes
harden-glue: yes
harden-dnssec-stripped: yes
 
use-caps-for-id: yes
 
cache-min-ttl: 300
cache-max-ttl: 86400
 
prefetch: yes
num-threads: 2
 
#max-udp-size: 512
edns-buffer-size: 512

# with libevent2
#outgoing-range: 8192
#num-queries-per-thread: 4096
outgoing-range: 32768
num-queries-per-thread: 16384

msg-cache-slabs: 8
rrset-cache-slabs: 8
infra-cache-slabs: 8
key-cache-slabs: 8

rrset-cache-size: 512m
msg-cache-size: 256m
 
so-rcvbuf: 1m
 
unwanted-reply-threshold: 10000
val-clean-additional: yes
### < --- // server --- > ###

python:
 
remote-control:
        control-enable: yes
        control-interface: 127.0.0.1

### < --- c3d2 // --- > ###
forward-zone:
        name: "dn42"
        forward-addr: 172.22.99.1
        forward-addr: 2001:6f8:1194:c3d2::1

stub-zone:
        name: "c3d2.de"
        stub-host: "ns.c3d2.de"
        stub-addr: 89.238.79.221
        #stub-addr: 172.22.99.4

forward-zone:
        name: "99.22.172.in-addr.arpa"
        forward-addr: 172.22.99.1
        forward-addr: 2001:4dd0:fb82:c3d2::1
forward-zone:
        name: "100.22.172.in-addr.arpa"
        forward-addr: 172.22.99.1
        forward-addr: 2001:4dd0:fb82:c3d2::1
forward-zone:
        name: "22.172.in-addr.arpa"
        forward-addr: 172.22.99.1
        forward-addr: 2001:4dd0:fb82:c3d2::1
### < --- // c3d2 --- > ###

# forward-zone:
# name: "."
# forward-addr: 213.73.91.35  # dnscache.berlin.ccc.de
# forward-addr: 74.82.42.42   # Hurricane Electric
# forward-addr: 4.2.2.4       # Level3 Verizon
#
### ### ### C3D2 ### ### ###
# EOF

Log

  • 26.04.2014 - da ohne libevent2, nur 1024 (465 random connections)
  • 16.04.2014 - einfaches Basis Setup