Diffstat (limited to 'community/pdns-recursor/recursor.conf')
-rw-r--r-- | community/pdns-recursor/recursor.conf | 452 |
1 files changed, 452 insertions, 0 deletions
diff --git a/community/pdns-recursor/recursor.conf b/community/pdns-recursor/recursor.conf new file mode 100644 index 0000000000..1db31276c4 --- /dev/null +++ b/community/pdns-recursor/recursor.conf 
@@ -0,0 +1,452 @@ +# Autogenerated configuration file template +################################# +# allow-from If set, only allow these comma separated netmasks to recurse +# +# allow-from=127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10 + +################################# +# allow-from-file If set, load allowed netmasks from this file +# +# allow-from-file= + +################################# +# any-to-tcp Answer ANY queries with tc=1, shunting to TCP +# +# any-to-tcp=no + +################################# +# api-config-dir Directory where REST API stores config and zones +# +# api-config-dir= + +################################# +# api-key Static pre-shared authentication key for access to the REST API +# +# api-key= + +################################# +# api-logfile Location of the server logfile (used by the REST API) +# +# api-logfile=/var/log/pdns.log + +################################# +# api-readonly Disallow data modification through the REST API when set +# +# api-readonly=no + +################################# +# auth-zones Zones for which we have authoritative data, comma separated domain=file pairs +# +# auth-zones= + +################################# +# carbon-interval Number of seconds between carbon (graphite) updates +# +# carbon-interval=30 + +################################# +# carbon-ourname If set, overrides our reported hostname for carbon stats +# +# carbon-ourname= + +################################# +# carbon-server If set, send metrics in carbon (graphite) format to this server +# +# carbon-server= + +################################# +# chroot switch to chroot jail +# +# chroot= + +################################# +# client-tcp-timeout Timeout in seconds when talking to TCP clients +# +# client-tcp-timeout=2 + +################################# +# config-dir Location of configuration directory (recursor.conf) +# +# config-dir=/etc + 
+################################# +# config-name Name of this virtual configuration - will rename the binary image +# +# config-name= + +################################# +# daemon Operate as a daemon +# +daemon=yes + +################################# +# delegation-only Which domains we only accept delegations from +# +# delegation-only= + +################################# +# disable-packetcache Disable packetcache +# +# disable-packetcache=no + +################################# +# disable-syslog Disable logging to syslog, useful when running inside a supervisor that logs stdout +# +# disable-syslog=no + +################################# +# dnssec DNSSEC mode: off/process-no-validate (default)/process/log-fail/validate +# +# dnssec=process-no-validate + +################################# +# dnssec-log-bogus Log DNSSEC bogus validations +# +# dnssec-log-bogus=no + +################################# +# dont-query If set, do not query these netmasks for DNS data +# +# dont-query=127.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10, 0.0.0.0/8, 192.0.0.0/24, 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24, 240.0.0.0/4, ::/96, ::ffff:0:0/96, 100::/64, 2001:db8::/32 + +################################# +# edns-outgoing-bufsize Outgoing EDNS buffer size +# +# edns-outgoing-bufsize=1680 + +################################# +# edns-subnet-whitelist List of netmasks and domains that we should enable EDNS subnet for +# +# edns-subnet-whitelist= + +################################# +# entropy-source If set, read entropy from this file +# +# entropy-source=/dev/urandom + +################################# +# etc-hosts-file Path to 'hosts' file +# +# etc-hosts-file=/etc/hosts + +################################# +# export-etc-hosts If we should serve up contents from /etc/hosts +# +# export-etc-hosts=off + +################################# +# export-etc-hosts-search-suffix Also serve up the contents of /etc/hosts 
with this suffix +# +# export-etc-hosts-search-suffix= + +################################# +# forward-zones Zones for which we forward queries, comma separated domain=ip pairs +# +# forward-zones= + +################################# +# forward-zones-file File with (+)domain=ip pairs for forwarding +# +# forward-zones-file= + +################################# +# forward-zones-recurse Zones for which we forward queries with recursion bit, comma separated domain=ip pairs +# +# forward-zones-recurse= + +################################# +# hint-file If set, load root hints from this file +# +# hint-file= + +################################# +# include-dir Include *.conf files from this directory +# +# include-dir= + +################################# +# latency-statistic-size Number of latency values to calculate the qa-latency average +# +# latency-statistic-size=10000 + +################################# +# local-address IP addresses to listen on, separated by spaces or commas. Also accepts ports. +# +# local-address=127.0.0.1 + +################################# +# local-port port to listen on +# +local-port=5353 + +################################# +# log-common-errors If we should log rather common errors +# +# log-common-errors=no + +################################# +# logging-facility Facility to log messages as. 0 corresponds to local0 +# +# logging-facility= + +################################# +# loglevel Amount of logging. Higher is more. 
Do not set below 3 +# +# loglevel=4 + +################################# +# lowercase-outgoing Force outgoing questions to lowercase +# +# lowercase-outgoing=no + +################################# +# lua-config-file More powerful configuration options +# +# lua-config-file= + +################################# +# lua-dns-script Filename containing an optional 'lua' script that will be used to modify dns answers +# +# lua-dns-script= + +################################# +# max-cache-entries If set, maximum number of entries in the main cache +# +# max-cache-entries=1000000 + +################################# +# max-cache-ttl maximum number of seconds to keep a cached entry in memory +# +# max-cache-ttl=86400 + +################################# +# max-mthreads Maximum number of simultaneous Mtasker threads +# +# max-mthreads=2048 + +################################# +# max-negative-ttl maximum number of seconds to keep a negative cached entry in memory +# +# max-negative-ttl=3600 + +################################# +# max-packetcache-entries maximum number of entries to keep in the packetcache +# +# max-packetcache-entries=500000 + +################################# +# max-qperq Maximum outgoing queries per query +# +# max-qperq=50 + +################################# +# max-tcp-clients Maximum number of simultaneous TCP clients +# +# max-tcp-clients=128 + +################################# +# max-tcp-per-client If set, maximum number of TCP sessions per client (IP address) +# +# max-tcp-per-client=0 + +################################# +# max-total-msec Maximum total wall-clock time per query in milliseconds, 0 for unlimited +# +# max-total-msec=7000 + +################################# +# minimum-ttl-override Set under adverse conditions, a minimum TTL +# +# minimum-ttl-override=0 + +################################# +# network-timeout Wait this nummer of milliseconds for network i/o +# +# network-timeout=1500 + +################################# +# no-shuffle 
Don't change +# +# no-shuffle=off + +################################# +# non-local-bind Enable binding to non-local addresses by using FREEBIND / BINDANY socket options +# +# non-local-bind=no + +################################# +# packetcache-servfail-ttl maximum number of seconds to keep a cached servfail entry in packetcache +# +# packetcache-servfail-ttl=60 + +################################# +# packetcache-ttl maximum number of seconds to keep a cached entry in packetcache +# +# packetcache-ttl=3600 + +################################# +# pdns-distributes-queries If PowerDNS itself should distribute queries over threads +# +# pdns-distributes-queries= + +################################# +# processes Launch this number of processes (EXPERIMENTAL, DO NOT CHANGE) +# +# processes=1 + +################################# +# query-local-address Source IP address for sending queries +# +# query-local-address=0.0.0.0 + +################################# +# query-local-address6 Source IPv6 address for sending queries. IF UNSET, IPv6 WILL NOT BE USED FOR OUTGOING QUERIES +# +# query-local-address6= + +################################# +# quiet Suppress logging of questions and answers +# +# quiet= + +################################# +# reuseport Enable SO_REUSEPORT allowing multiple recursors processes to listen to 1 address +# +# reuseport=no + +################################# +# root-nx-trust If set, believe that an NXDOMAIN from the root means the TLD does not exist +# +# root-nx-trust=yes + +################################# +# security-poll-suffix Domain name from which to query security update notifications +# +# security-poll-suffix=secpoll.powerdns.com. 
+ +################################# +# serve-rfc1918 If we should be authoritative for RFC 1918 private IP space +# +# serve-rfc1918= + +################################# +# server-down-max-fails Maximum number of consecutive timeouts (and unreachables) to mark a server as down ( 0 => disabled ) +# +# server-down-max-fails=64 + +################################# +# server-down-throttle-time Number of seconds to throttle all queries to a server after being marked as down +# +# server-down-throttle-time=60 + +################################# +# server-id Returned when queried for 'server.id' TXT or NSID, defaults to hostname +# +# server-id= + +################################# +# setgid If set, change group id to this gid for more security +# +setgid=recursor + +################################# +# setuid If set, change user id to this uid for more security +# +setuid=recursor + +################################# +# single-socket If set, only use a single socket for outgoing queries +# +# single-socket=off + +################################# +# soa-minimum-ttl Don't change +# +# soa-minimum-ttl=0 + +################################# +# socket-dir Where the controlsocket will live, /var/run when unset and not chrooted +# +# socket-dir= + +################################# +# socket-group Group of socket +# +# socket-group= + +################################# +# socket-mode Permissions for socket +# +# socket-mode= + +################################# +# socket-owner Owner of socket +# +# socket-owner= + +################################# +# spoof-nearmiss-max If non-zero, assume spoofing after this many near misses +# +# spoof-nearmiss-max=20 + +################################# +# stack-size stack size per mthread +# +# stack-size=200000 + +################################# +# stats-ringbuffer-entries maximum number of packets to store statistics for +# +# stats-ringbuffer-entries=10000 + +################################# +# threads Launch this number of 
threads +# +# threads=2 + +################################# +# trace if we should output heaps of logging. set to 'fail' to only log failing domains +# +# trace=off + +################################# +# udp-truncation-threshold Maximum UDP response size before we truncate +# +# udp-truncation-threshold=1680 + +################################# +# version-string string reported on version.pdns or version.bind +# +# version-string=PowerDNS Recursor 4.0.1 (built Aug 15 2016 11:06:59 by coredumb@alpine-dev.internal) + +################################# +# webserver Start a webserver (for REST API) +# +# webserver=no + +################################# +# webserver-address IP Address of webserver to listen on +# +# webserver-address=127.0.0.1 + +################################# +# webserver-allow-from Webserver access is only allowed from these subnets +# +# webserver-allow-from=0.0.0.0/0,::/0 + +################################# +# webserver-password Password required for accessing the webserver +# +# webserver-password= + +################################# +# webserver-port Port of webserver to listen on +# +# webserver-port=8082 + +################################# +# write-pid Write a PID file +# +# write-pid=yes + + |
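Review bot: `local-port=5353` is one of only four active settings in this new file, and it puts the recursor on the port assigned to mDNS, so it can collide with an mDNS responder on the same host, and stub resolvers that only speak port 53 cannot use it without a redirect. If the aim is to run beside an authoritative server on port 53 (an inference; nothing on the page says so), record that above the setting, e.g. `# 5353 so the recursor can coexist with an authoritative server on 53; note this is also the mDNS port`. The privilege drop through `setuid=recursor` and `setgid=recursor` only works if the package creates that user and group, which this single-file view does not show. `dnssec` is left at its commented default `process-no-validate`, so answers are not validated unless an operator sets `dnssec=validate`; a one-line comment saying so would help.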