MoinQ: ルートゾーンKSK/日本では/dns-oarc.net/unbound/conf

ルートゾーンKSK/日本では/dns-oarc.net/unbound/confについて、ここに記述してください。

max-udp-size: 512
edns-buffer-size: 1220

が気になる。

   harden-referral-path: yes
   minimal-responses: yes
   qname-minimisation-strict: yes

は設定したかも

このconfが使われているのかどうか、はっきりしないが。-- ToshinoriMaeno 2017-07-25 14:54:48

$ more local.conf

# Unbound configuration file for Debian.
#
# See the unbound.conf(5) man page.
#
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
# reference config file.
#
# The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory.
## include: "/etc/unbound/unbound.conf.d/*.conf"

server:
        directory: "/etc/unbound"
        username: unbound
#       chroot: "/etc/unbound"
        logfile: "/etc/unbound/unbound.log"
        verbosity: 2
        interface: 127.0.0.2
        module-config: "iterator"
        max-udp-size: 512
        edns-buffer-size: 1220
        do-not-query-localhost: no
        do-not-query-address: 0.0.0.0/8
        harden-referral-path: yes
        minimal-responses: yes
        qname-minimisation-strict: yes
        do-ip4: yes
        do-ip6: no
        do-udp: yes
        do-tcp: yes
        cache-min-ttl: 300
        cache-max-ttl: 7200
        qname-minimisation: yes
        use-caps-for-id: yes
        target-fetch-policy: "0 0 0 0 0 0"
        #tcp-upstream: yes
        logfile: "/etc/unbound/unbound.log"
remote-control:
        # Enable remote control with unbound-control(8) here.
        # set up the keys and certificates with unbound-control-setup.
        control-enable: yes

        # Set to no and use an absolute path as control-interface to use
        # a unix local named pipe for unbound-control.
        control-use-cert: no

        # what interfaces are listened to for remote control.
        # give 0.0.0.0 and ::0 to listen to all interfaces.
        control-interface: 127.0.0.1