Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/obi12341/docker-unbound

unbound DNS Resolver running in a Docker Container with DNSSEC enabled
https://github.com/obi12341/docker-unbound

docker docker-image dockerfile resolver unbound

Last synced: 17 days ago
JSON representation

unbound DNS Resolver running in a Docker Container with DNSSEC enabled

Awesome Lists containing this project

README

        

# Unbound (with DNSSEC validation)

## Running

Just use this command to start the container. Unbound will listen on port 53/udp.

`docker run --name unbound -d -p 53:53/udp -p 53:53 mobilistics/unbound:1.21.0`

(optional)
If you want to override the nameserver in the unbound container, you can use:

`docker run --name unbound -d -p 53:53/udp -p 53:53 --dns="127.0.0.1" mobilistics/unbound:1.21.0`

## Configuration

These options can be set via the environment variable -e flag:

- **DO_IPV6**: Enable or disable ipv6. (Default: "yes", Possible Values: "yes, no")
- **DO_IPV4**: Enable or disable ipv4. (Default: "yes", Possible Values: "yes, no")
- **DO_UDP**: Enable or disable udp. (Default: "yes", Possible Values: "yes, no")
- **DO_TCP**: Enable or disable tcp. (Default: "yes", Possible Values: "yes, no")
- **VERBOSITY**: Verbosity number, 0 is least verbose. (Default: "0", Possible Values: "")
- **NUM_THREADS**: Number of threads to create. 1 disables threading. (Default: "1", Possible Values: "")
- **SO_RCVBUFF**: Buffer size for UDP port 53 incoming. Use 4m to catch query spikes for busy servers. (Default: "0", Possible Values: "")
- **SO_SNDBUF**: Buffer size for UDP port 53 outgoing. Use 4m to handle spikes on very busy servers. (Default: "0", Possible Values: "")
- **SO_REUSEPORT**: Use SO_REUSEPORT to distribute queries over threads. (Default: "no", Possible Values: "yes, no")
- **EDNS_BUFFER_SIZE**: EDNS reassembly buffer to advertise to UDP peers. 1480 can solve fragmentation (timeouts). (Default: "4096", Possible Values: "")
- **MSG_CACHE_SIZE**: The amount of memory to use for the message cache. Plain value in bytes or you can append k, m or G. (Default: "4m", Possible Values: "")
- **RRSET_CACHE_SIZE**: The amount of memory to use for the RRset cache. Plain value in bytes or you can append k, m or G. (Default: "4m", Possible Values: "")
- **CACHE_MIN_TTL**: The time to live (TTL) value lower bound, in seconds. If more than an hour could easily give trouble due to stale data. (Default: "0", Possible Values: "")
- **CACHE_MAX_TTL**: The time to live (TTL) value cap for RRsets and messages in the cache. Items are not cached for longer. In seconds. (Default: "86400", Possible Values: "")
- **CACHE_MAX_NEGATIVE_TTL**: The time to live (TTL) value cap for negative responses in the cache. (Default: "3600", Possible Values: "")
- **PREFETCH**: Enable to automatically re-fetch cached records before they expire. (Default: "no", Possible Values: "yes, no")
- **HIDE_IDENTITY**: Enable to not answer id.server and hostname.bind queries. (Default: "no", Possible Values: "yes, no")
- **HIDE_VERSION**: Enable to not answer version.server and version.bind queries. (Default: "no", Possible Values: "yes, no")
- **STATISTICS_INTERVAL**: print statistics to the log (for every thread) every N seconds. (Default: "0", Possible Values: "0, 1")
- **STATISTICS_CUMULATIVE**: enable cumulative statistics, without clearing them after printing. (Default: "no", Possible Values: "yes, no")
- **EXTENDED_STATISTICS**: enable extended statistics (query types, answer codes, status) printed from unbound-control. (Default: "no", Possible Values: "yes, no")
- **INTERFACE**: Sets the interface to listen on useful when using --net=host (Default 0.0.0.0, Possible Values: "", "@")
- **REMOTE_CONTROL_ENABLE**: Enable the remote control feature (Default "yes", Possible Values: "yes, no")