Unbound config for Linux
server: use-syslog: yes username: "unbound" directory: "/etc/unbound" trust-anchor-file: trusted-key.key interface: 127.0.0.1 interface: X.X.X.X access-control: 10.0.0.0/8 allow access-control: 172.16.0.0/12 allow access-control: 192.168.0.0/16 allow num-threads: <num_cpu> prefetch: yes prefetch-key: yes minimal-responses: yes do-ip6: no # if IPv6 is not available so-reuseport: yes
Performance optimisation:
https://nlnetlabs.nl/documentation/unbound/howto-optimise/
server: # use all CPUs num-threads: <number of cores> # power of 2 close to num-threads msg-cache-slabs: <same> rrset-cache-slabs: <same> infra-cache-slabs: <same> key-cache-slabs: <same> # more cache memory, rrset=msg*2 rrset-cache-size: 100m msg-cache-size: 50m # more outgoing connections # depends on number of cores: 1024/cores - 50 outgoing-range: 950 # Larger socket buffer. OS may need config. so-rcvbuf: 4m so-sndbuf: 4m # Faster UDP with multithreading (only on Linux). so-reuseport: yes