packages/net/unbound/files/unbound.uci

config unbound 'ub_main'
	option add_extra_dns '0'
	option add_local_fqdn '1'
	option add_wan_fqdn '0'
	option dhcp_link 'none'
	option dhcp4_slaac6 '0'
	option dns64 '0'
	option dns64_prefix '64:ff9b::/96'
	option domain 'lan'
	option domain_type 'static'
	option edns_size '1232'
	option extended_stats '0'
	option hide_binddata '1'
	option interface_auto '1'
	option listen_port '53'
	option localservice '1'
	option manual_conf '0'
	option num_threads '1'
	option protocol 'default'
	option query_minimize '0'
	option query_min_strict '0'
	option rate_limit '0'
	option rebind_localhost '0'
	option rebind_protection '1'
	option recursion 'default'
	option resource 'default'
	option root_age '9'
	option ttl_min '120'
	option unbound_control '0'
	option validator '0'
	option validator_ntp '1'
	option verbosity '1'
	list iface_trig 'lan'
	list iface_trig 'wan'
	list iface_wan 'wan'
	#list domain_insecure 'ntp.example.com'

config zone 'auth_icann'
	# cache the root zone all at once to speed up recursion
	option enabled '0'
	option fallback '1'
	option url_dir 'https://www.internic.net/domain/'
	option zone_type 'auth_zone'
	list server 'lax.xfr.dns.icann.org'
	list server 'iad.xfr.dns.icann.org'
	list zone_name '.'
	list zone_name 'arpa.'
	list zone_name 'in-addr.arpa.'
	list zone_name 'ip6.arpa.'

config zone 'fwd_isp'
	# forward ISP account management to DHCP announced DNS servers
	option enabled '0'
	option fallback '1'
	option resolv_conf '1'
	option zone_type 'forward_zone'
	list zone_name 'isp-bill.example.com.'
	list zone_name 'isp-mail.example.net.'

config zone 'fwd_google'
	option enabled '0'
	option fallback '1'
	option tls_index 'dns.google'
	option tls_upstream '1'
	option zone_type 'forward_zone'
	list server '8.8.4.4'
	list server '8.8.8.8'
	list server '2001:4860:4860::8844'
	list server '2001:4860:4860::8888'
	list zone_name '.'

config zone 'fwd_cloudflare'
	option enabled '0'
	option fallback '1'
	option tls_index 'cloudflare-dns.com'
	option tls_upstream '1'
	option zone_type 'forward_zone'
	list server '1.1.1.1'
	list server '1.0.0.1'
	list server '2606:4700:4700::1111'
	list server '2606:4700:4700::1001'
	list zone_name '.'