Configuration interface¶

Currently passed to Python module in init(module_id, cfg).

config_file¶

class config_file¶

This class provides these data attributes:

verbosity¶: Verbosity level as specified in the config file.

stat_interval¶: Statistics interval (in seconds).

stat_cumulative¶: If false, statistics values are reset after printing them.

stat_extended¶: If true, the statistics are kept in greater detail.

num_threads¶: Number of threads to create.

port¶: Port on which queries are answered.

do_ip4¶: Do ip4 query support.

do_ip6¶: Do ip6 query support.

do_udp¶: Do udp query support.

do_tcp¶: Do tcp query support.

outgoing_num_ports¶: Outgoing port range number of ports (per thread).

outgoing_num_tcp¶: Number of outgoing tcp buffers per (per thread).

incoming_num_tcp¶: Number of incoming tcp buffers per (per thread).

outgoing_avail_ports¶: Allowed udp port numbers, array with 0 if not allowed.

msg_buffer_size¶: Number of bytes buffer size for DNS messages.

msg_cache_size¶: Size of the message cache.

msg_cache_slabs¶: Slabs in the message cache.

num_queries_per_thread¶: Number of queries every thread can service.

jostle_time¶: Number of msec to wait before items can be jostled out.

rrset_cache_size¶: Size of the rrset cache.

rrset_cache_slabs¶: Slabs in the rrset cache.

host_ttl¶: Host cache ttl in seconds.

lame_ttl¶: Host is lame for a zone ttl, in seconds.

infra_cache_slabs¶: Number of slabs in the infra host cache.

infra_cache_numhosts¶: Max number of hosts in the infra cache.

infra_cache_lame_size¶: Max size of lame zones per host in the infra cache.

target_fetch_policy¶: The target fetch policy for the iterator.

if_automatic¶: Automatic interface for incoming messages. Uses ipv6 remapping, and recvmsg/sendmsg ancillary data to detect interfaces, boolean.

num_ifs¶: Number of interfaces to open. If 0 default all interfaces.

ifs¶: Interface description strings (IP addresses).

num_out_ifs¶: Number of outgoing interfaces to open. If 0 default all interfaces.

out_ifs¶: Outgoing interface description strings (IP addresses).

root_hints¶: The root hints.

stubs¶: The stub definitions, linked list.

forwards¶: The forward zone definitions, linked list.

donotqueryaddrs¶: List of donotquery addresses, linked list.

acls¶: List of access control entries, linked list.

donotquery_localhost¶: Use default localhost donotqueryaddr entries.

harden_short_bufsize¶: Harden against very small edns buffer sizes.

harden_large_queries¶: Harden against very large query sizes.

harden_glue¶: Harden against spoofed glue (out of zone data).

harden_dnssec_stripped¶: Harden against receiving no DNSSEC data for trust anchor.

harden_referral_path¶: Harden the referral path, query for NS,A,AAAA and validate.

use_caps_bits_for_id¶: Use 0x20 bits in query as random ID bits.

private_address¶: Strip away these private addrs from answers, no DNS Rebinding.

private_domain¶: Allow domain (and subdomains) to use private address space.

unwanted_threshold¶: What threshold for unwanted action.

chrootdir¶: Chrootdir, if not “” or chroot will be done.

username¶: Username to change to, if not “”.

directory¶: Working directory.

logfile¶: Filename to log to.

pidfile¶: Pidfile to write pid to.

use_syslog¶: Should log messages be sent to syslogd.

hide_identity¶: Do not report identity (id.server, hostname.bind).

hide_version¶: Do not report version (version.server, version.bind).

identity¶: Identity, hostname is returned if “”.

version¶: Version, package version returned if “”.

module_conf¶: The module configuration string.

trust_anchor_file_list¶: Files with trusted DS and DNSKEYs in zonefile format, list.

trust_anchor_list¶: List of trustanchor keys, linked list.

trusted_keys_file_list¶: Files with trusted DNSKEYs in named.conf format, list.

dlv_anchor_file¶: DLV anchor file.

dlv_anchor_list¶: DLV anchor inline.

max_ttl¶: The number of seconds maximal TTL used for RRsets and messages.

val_date_override¶: If not 0, this value is the validation date for RRSIGs.

bogus_ttl¶: This value sets the number of seconds before revalidating bogus.

val_clean_additional¶: Should validator clean additional section for secure msgs.

val_permissive_mode¶: Should validator allow bogus messages to go through.

val_nsec3_key_iterations¶: Nsec3 maximum iterations per key size, string.

key_cache_size¶: Size of the key cache.

key_cache_slabs¶: Slabs in the key cache.

neg_cache_size¶: Size of the neg cache.

local_zones¶: Local zones config.

local_zones_nodefault¶: Local zones nodefault list.

local_data¶: Local data RRs configged.

remote_control_enable¶: Remote control section. enable toggle.

control_ifs¶: The interfaces the remote control should listen on.

control_port¶: Port number for the control port.

server_key_file¶: Private key file for server.

server_cert_file¶: Certificate file for server.

control_key_file¶: Private key file for unbound-control.

control_cert_file¶: Certificate file for unbound-control.

do_daemonize¶: Daemonize, i.e. fork into the background.

python_script¶: Python script file.

Table Of Contents

Configuration interface
- config_file

Previous topic

Scriptable functions

Quick search