Allow public IP as source, remove extra public recursion (only leaving local zones) and add more statistics and round robin
This commit is contained in:
parent
49f18374f4
commit
bf932e987f
|
@ -2,15 +2,26 @@ include: "/etc/unbound/redxen-dns.conf"
|
|||
server:
|
||||
directory: "/etc/unbound"
|
||||
username: unbound
|
||||
access-control: 0.0.0.0/0 deny_non_local
|
||||
do-not-query-address: 127.0.0.11
|
||||
access-control: 0.0.0.0/0 refuse_non_local
|
||||
# Local Host
|
||||
access-control: 127.0.0.0/24 allow
|
||||
access-control: 172.17.12.0/24 allow
|
||||
# Docker Host
|
||||
access-control: 172.18.0.1/32 allow
|
||||
# log-replies: yes
|
||||
# Wireguard Range
|
||||
access-control: 172.22.12.0/24 allow
|
||||
# Allow Loopback connections with public ip as source
|
||||
access-control: 88.198.95.52/32 allow
|
||||
access-control: 88.198.95.107/32 allow
|
||||
access-control: 88.198.95.100/32 allow
|
||||
access-control: 88.198.95.106/32 allow
|
||||
access-control: 88.198.95.63/32 allow
|
||||
#log-replies: yes
|
||||
interface: 0.0.0.0
|
||||
interface: ::0
|
||||
access-control: 0.0.0.0/0 allow
|
||||
extended-statistics: yes
|
||||
root-hints: root.hints
|
||||
rrset-roundrobin: yes
|
||||
trust-anchor-file: /usr/share/dnssec-root/trusted-key.key
|
||||
tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
|
||||
port: 5353
|
||||
|
|
Reference in New Issue