`config unbound 'ub_main'
option dhcp_link 'dnsmasq'
option exclude_ipv6_ga '0'
option dns64 '0'
option domain 'lan'
option edns_size '1232'
option extended_stats '0'
option hide_binddata '1'
option interface_auto '1'
option listen_port '53'
option localservice '1'
option manual_conf '0'
option num_threads '1'
option protocol 'mixed'
option rate_limit '0'
option rebind_localhost '0'
option rebind_protection '1'
option recursion 'default'
option resource 'default'
option root_age '9'
option ttl_min '120'
option ttl_neg_max '1000'
option unbound_control '2'
option validator '0'
option verbosity '1'
list iface_wan 'wan'
option enabled '1'
list iface_lan 'lan'
list iface_trig 'lan'
list iface_trig 'wan'
config zone 'auth_icann'
option enabled '0'
option fallback '1'
option url_dir 'https://www.internic.net/domain/'
option zone_type 'auth_zone'
list server 'lax.xfr.dns.icann.org'
list server 'iad.xfr.dns.icann.org'
list zone_name '.'
list zone_name 'arpa.'
list zone_name 'in-addr.arpa.'
list zone_name 'ip6.arpa.'
config zone 'fwd_isp'
option enabled '0'
option fallback '1'
option resolv_conf '1'
option zone_type 'forward_zone'
list zone_name 'isp-bill.example.com.'
list zone_name 'isp-mail.example.net.'
config zone 'fwd_quad9'
option enabled '1'
option fallback '1'
option zone_type 'auth_zone'
list zone_name '.'
list server '9.9.9.9'
list server '149.112.112.112'
list server '2620:fe::fe'
option dns_assist 'dnsmasq'
config zone
option enabled '1'
option fallback '0'
option zone_type 'forward_zone'
list zone_name 'quad9'
list server '9.9.9.9'
list server '149.112.112.112'
list server '2620:fe::fe'
list server '2620:fe::9'
option tls_upstream '1'
option tls_index 'dns.quad9.net'
`
and
# /var/lib/unbound/unbound.conf generated by UCI
# /var/lib/unbound/server.conf.tmp generated by UCI
server:
username: unbound
chroot: /var/lib/unbound
directory: /var/lib/unbound
pidfile: /var/run/unbound.pid
tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
num-threads: 1
msg-cache-slabs: 1
rrset-cache-slabs: 1
infra-cache-slabs: 1
key-cache-slabs: 1
ratelimit-slabs: 1
ip-ratelimit-slabs: 1
use-syslog: yes
statistics-interval: 0
statistics-cumulative: no
verbosity: 1
extended-statistics: no
interface-automatic: yes
do-not-query-localhost: no
edns-buffer-size: 1232
port: 53
outgoing-port-permit: 10240-65535
do-ip4: yes
do-ip6: yes
module-config: "respip iterator"
cache-min-ttl: 120
cache-max-ttl: 72000
cache-max-negative-ttl: 1000
val-bogus-ttl: 300
infra-host-ttl: 900
hide-identity: yes
hide-version: yes
private-address: 10.0.0.0/8
private-address: 100.64.0.0/10
private-address: 169.254.0.0/16
private-address: 172.16.0.0/12
private-address: 192.168.0.0/16
private-address: fc00::/7
private-address: fe80::/10
access-control: 192.168.1.1/24 allow
access-control: fd5b:3471:deac::1/60 allow
access-control: 192.168.1.1/24 allow
access-control: fd5b:3471:deac::1/60 allow
access-control: 127.0.0.0/8 allow
access-control: ::1/128 allow
access-control: fe80::/10 allow
# /var/lib/unbound/host.conf.tmp generated by UCI
# Local zone is handled by dnsmasq
include: /var/lib/unbound/adb_list.*
include: /var/lib/unbound/unbound_srv.conf
# /var/lib/unbound/zone.conf.tmp generated by UCI
# Special zone was not enabled or had UCI conflicts.
# Special zone was not enabled or had UCI conflicts.
auth-zone:
name: .
master: 9.9.9.9
master: 149.112.112.112
master: 2620:fe::fe
fallback-enabled: yes
for-downstream: no
for-upstream: yes
zonefile: root.zone
forward-zone:
name: quad9
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-addr: 149.112.112.112@853#dns.quad9.net
forward-addr: 2620:fe::fe@853#dns.quad9.net
forward-addr: 2620:fe::9@853#dns.quad9.net
forward-first: no
forward-tls-upstream: yes
# /var/lib/unbound/ctrl.conf.tmp generated by UCI
include: /var/lib/unbound/unbound_ext.conf