Header Ads

Konfigurasi file unbound.conf DNS Unbound

Konfigurasi file unbound.conf DNS Unbound
File unbound.conf :

server:
         verbosity: 1
         statistics-interval: 120
         num-threads: 2
         interface: 0.0.0.0

         outgoing-range: 950
         num-queries-per-thread: 1024

         msg-cache-size: 48m
         rrset-cache-size: 96m

         msg-cache-slabs: 4
         rrset-cache-slabs: 4
         infra-cache-slabs: 4
         key-cache-slabs: 4


         cache-max-ttl: 86400
         infra-host-ttl: 60
         infra-lame-ttl: 120
       
         infra-cache-numhosts: 10000
         infra-cache-lame-size: 10k

         do-ip4: yes
         do-ip6: no
         do-udp: yes
         do-tcp: yes
         do-daemonize: yes

         #access-control: 0.0.0.0/0 allow
         access-control: 10.10.0.0/16 allow
         access-control: 127.0.0.0/8 allow
         access-control: 0.0.0.0/0 refuse
   
         chroot: "/etc/unbound"
         username: "unbound"
         directory: "/etc/unbound"
         #logfile: "/etc/unbound/unbound.log"
         #use-syslog: yes
         logfile: ""
         use-syslog: no
         pidfile: "/etc/unbound/unbound.pid"
         root-hints: "/etc/unbound/named.cache"
     
        identity: "DNS"
        version: "1.4"
        hide-identity: yes
        hide-version: yes
        harden-glue: yes
        do-not-query-address: 127.0.0.1/8
        do-not-query-localhost: yes
        module-config: "iterator"

        #zone localhost
        local-zone: "localhost." static
        local-data: "localhost. 10800 IN NS localhost."
        local-data: "localhost. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800"
        local-data: "localhost. 10800 IN A 127.0.0.1"

        local-zone: "127.in-addr.arpa." static
        local-data: "127.in-addr.arpa. 10800 IN NS localhost."
        local-data: "127.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 2 3600 1200 604800 10800"
        local-data: "1.0.0.127.in-addr.arpa. 10800 IN PTR localhost."
     
        #zone zest.proxy.net
        local-zone: "zest.proxy.net." static
        local-data: "zest.proxy.net. 86400 IN NS ns1.zest.proxy.net."
        local-data: "zest.proxy.net. 86400 IN SOA zest.proxy.net. hostmaster.zest.proxy.net.  3 3600 1200 604800 86400"
        local-data: "zest.proxy.net. 86400 IN A 10.10.20.20"
        local-data: "www.zest.proxy.net. 86400 IN A 10.10.20.20"
        local-data: "ns1.zest.proxy.net. 86400 IN A 10.10.20.20"
        local-data: "proxy.zest.proxy.net. 86400 IN A 10.10.20.20"  
        local-data: "mail.zest.proxy.net. 86400 IN A 10.10.20.20"
        local-data: "zest.proxy.net. 86400 IN MX 10 mail.zest.proxy.net."
        local-data: "zest.proxy.net. 86400 IN TXT v=spf1 a mx ~all"

        local-zone: "20.10.10.in-addr.arpa." static
        local-data: "20.10.10.in-addr.arpa. 10800 IN NS zest.proxy.net."
        local-data: "20.10.10.in-addr.arpa. 10800 IN SOA zest.proxy.net. hostmaster.zest.proxy.net. 4 3600 1200 604800 864000"
        local-data: "20.20.10.10.in-addr.arpa. 10800 IN PTR zest.proxy.net."
        local-data: "20.20.10.10.in-addr.arpa. 10800 IN PTR proxy.zest.proxy.net."

        #block situs
        local-zone: "pekalongan-community.com" redirect local-data: "pekalongan-community.com A 173.194.117.38"

forward-zone: name: "akamai.net"        forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "edgekey.net"       forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "edgesuite.net"     forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "fbcdn.net"         forward-addr: 202.134.1.10     forward-addr: 202.134.0.155
forward-zone: name: "facebook.com"      forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "gstatic.com"       forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "google.com"        forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "blogspot.com"      forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "youtube.com"       forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "yahoo.com"       forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "yimg.com"       forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "ytimg.com"         forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "google-analytics.com"       forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "effectivemeasure.net"       forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "googlesyndication.com"      forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "doubleclick.net"   forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "quantserve.com"    forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "avast.com"         forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "microsoft.com"   forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "edgecast.com"     forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "cloudflare.com" forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "amazon.com"     forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "co.id"       forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "net.id"       forward-addr: 202.134.1.10      forward-addr: 202.134.0.155
forward-zone: name: "web.id"       forward-addr: 202.134.1.10      forward-addr: 202.134.0.155

forward-zone:
name: "."
#forward-addr: 103.5.48.49
#forward-addr: 103.5.49.50
forward-addr: 8.8.8.8
forward-addr: 8.8.4.4
     
remote-control:
        control-enable: yes
        control-interface: 127.0.0.1
        control-port: 953
        server-key-file: "/etc/unbound/unbound_server.key"
        server-cert-file: "/etc/unbound/unbound_server.pem"
        control-key-file: "/etc/unbound/unbound_control.key"
        control-cert-file: "/etc/unbound/unbound_control.pem"

1 komentar:

  1. Saya tertarik dengan postingan anda ini, informasi DNS yg sangat berguna sekali.
    Saya juga mempunyai tulisan yang sejenis yang bisa anda kunjungi di
    Informasi Seputar Cisco Gunadarma

    BalasHapus

Diberdayakan oleh Blogger.