Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/obi12341/docker-unbound
unbound DNS Resolver running in a Docker Container with DNSSEC enabled
https://github.com/obi12341/docker-unbound
docker docker-image dockerfile resolver unbound
Last synced: 17 days ago
JSON representation
unbound DNS Resolver running in a Docker Container with DNSSEC enabled
- Host: GitHub
- URL: https://github.com/obi12341/docker-unbound
- Owner: obi12341
- License: apache-2.0
- Created: 2015-07-20T16:39:03.000Z (over 9 years ago)
- Default Branch: master
- Last Pushed: 2024-09-04T11:59:30.000Z (4 months ago)
- Last Synced: 2024-11-28T22:38:59.442Z (24 days ago)
- Topics: docker, docker-image, dockerfile, resolver, unbound
- Language: Shell
- Homepage:
- Size: 106 KB
- Stars: 55
- Watchers: 5
- Forks: 35
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
Awesome Lists containing this project
README
# Unbound (with DNSSEC validation)
## Running
Just use this command to start the container. Unbound will listen on port 53/udp.
`docker run --name unbound -d -p 53:53/udp -p 53:53 mobilistics/unbound:1.21.0`
(optional)
If you want to override the nameserver in the unbound container, you can use:`docker run --name unbound -d -p 53:53/udp -p 53:53 --dns="127.0.0.1" mobilistics/unbound:1.21.0`
## Configuration
These options can be set via the environment variable -e flag:
- **DO_IPV6**: Enable or disable ipv6. (Default: "yes", Possible Values: "yes, no")
- **DO_IPV4**: Enable or disable ipv4. (Default: "yes", Possible Values: "yes, no")
- **DO_UDP**: Enable or disable udp. (Default: "yes", Possible Values: "yes, no")
- **DO_TCP**: Enable or disable tcp. (Default: "yes", Possible Values: "yes, no")
- **VERBOSITY**: Verbosity number, 0 is least verbose. (Default: "0", Possible Values: "")
- **NUM_THREADS**: Number of threads to create. 1 disables threading. (Default: "1", Possible Values: "")
- **SO_RCVBUFF**: Buffer size for UDP port 53 incoming. Use 4m to catch query spikes for busy servers. (Default: "0", Possible Values: "")
- **SO_SNDBUF**: Buffer size for UDP port 53 outgoing. Use 4m to handle spikes on very busy servers. (Default: "0", Possible Values: "")
- **SO_REUSEPORT**: Use SO_REUSEPORT to distribute queries over threads. (Default: "no", Possible Values: "yes, no")
- **EDNS_BUFFER_SIZE**: EDNS reassembly buffer to advertise to UDP peers. 1480 can solve fragmentation (timeouts). (Default: "4096", Possible Values: "")
- **MSG_CACHE_SIZE**: The amount of memory to use for the message cache. Plain value in bytes or you can append k, m or G. (Default: "4m", Possible Values: "")
- **RRSET_CACHE_SIZE**: The amount of memory to use for the RRset cache. Plain value in bytes or you can append k, m or G. (Default: "4m", Possible Values: "")
- **CACHE_MIN_TTL**: The time to live (TTL) value lower bound, in seconds. If more than an hour could easily give trouble due to stale data. (Default: "0", Possible Values: "")
- **CACHE_MAX_TTL**: The time to live (TTL) value cap for RRsets and messages in the cache. Items are not cached for longer. In seconds. (Default: "86400", Possible Values: "")
- **CACHE_MAX_NEGATIVE_TTL**: The time to live (TTL) value cap for negative responses in the cache. (Default: "3600", Possible Values: "")
- **PREFETCH**: Enable to automatically re-fetch cached records before they expire. (Default: "no", Possible Values: "yes, no")
- **HIDE_IDENTITY**: Enable to not answer id.server and hostname.bind queries. (Default: "no", Possible Values: "yes, no")
- **HIDE_VERSION**: Enable to not answer version.server and version.bind queries. (Default: "no", Possible Values: "yes, no")
- **STATISTICS_INTERVAL**: print statistics to the log (for every thread) every N seconds. (Default: "0", Possible Values: "0, 1")
- **STATISTICS_CUMULATIVE**: enable cumulative statistics, without clearing them after printing. (Default: "no", Possible Values: "yes, no")
- **EXTENDED_STATISTICS**: enable extended statistics (query types, answer codes, status) printed from unbound-control. (Default: "no", Possible Values: "yes, no")
- **INTERFACE**: Sets the interface to listen on useful when using --net=host (Default 0.0.0.0, Possible Values: "", "@")
- **REMOTE_CONTROL_ENABLE**: Enable the remote control feature (Default "yes", Possible Values: "yes, no")