**Unbound config for Linux**
[[https://unbound.net/documentation/index.html|Documentation]]
server:
use-syslog: yes
username: "unbound"
directory: "/etc/unbound"
trust-anchor-file: trusted-key.key
interface: 127.0.0.1
interface: X.X.X.X
access-control: 10.0.0.0/8 allow
access-control: 172.16.0.0/12 allow
access-control: 192.168.0.0/16 allow
num-threads:
prefetch: yes
prefetch-key: yes
minimal-responses: yes
do-ip6: no # if IPv6 is not available
so-reuseport: yes
Performance optimisation:
[[https://nlnetlabs.nl/documentation/unbound/howto-optimise/]]
server:
# use all CPUs
num-threads:
# power of 2 close to num-threads
msg-cache-slabs:
rrset-cache-slabs:
infra-cache-slabs:
key-cache-slabs:
# more cache memory, rrset=msg*2
rrset-cache-size: 100m
msg-cache-size: 50m
# more outgoing connections
# depends on number of cores: 1024/cores - 50
outgoing-range: 950
# Larger socket buffer. OS may need config.
so-rcvbuf: 4m
so-sndbuf: 4m
# Faster UDP with multithreading (only on Linux).
so-reuseport: yes