Configuration interface

Currently passed to Python module in init(module_id, cfg).

config_file

class config_file

This class provides these data attributes:

verbosity

Verbosity level as specified in the config file.

stat_interval

Statistics interval (in seconds).

stat_cumulative

If false, statistics values are reset after printing them.

stat_extended

If true, the statistics are kept in greater detail.

num_threads

Number of threads to create.

port

Port on which queries are answered.

do_ip4

Do ip4 query support.

do_ip6

Do ip6 query support.

do_udp

Do udp query support.

do_tcp

Do tcp query support.

outgoing_num_ports

Outgoing port range number of ports (per thread).

outgoing_num_tcp

Number of outgoing tcp buffers per (per thread).

incoming_num_tcp

Number of incoming tcp buffers per (per thread).

outgoing_avail_ports

Allowed udp port numbers, array with 0 if not allowed.

msg_buffer_size

Number of bytes buffer size for DNS messages.

msg_cache_size

Size of the message cache.

msg_cache_slabs

Slabs in the message cache.

num_queries_per_thread

Number of queries every thread can service.

jostle_time

Number of msec to wait before items can be jostled out.

rrset_cache_size

Size of the rrset cache.

rrset_cache_slabs

Slabs in the rrset cache.

host_ttl

Host cache ttl in seconds.

lame_ttl

Host is lame for a zone ttl, in seconds.

infra_cache_slabs

Number of slabs in the infra host cache.

infra_cache_numhosts

Max number of hosts in the infra cache.

infra_cache_lame_size

Max size of lame zones per host in the infra cache.

target_fetch_policy

The target fetch policy for the iterator.

if_automatic

Automatic interface for incoming messages. Uses ipv6 remapping, and recvmsg/sendmsg ancillary data to detect interfaces, boolean.

num_ifs

Number of interfaces to open. If 0 default all interfaces.

ifs

Interface description strings (IP addresses).

num_out_ifs

Number of outgoing interfaces to open. If 0 default all interfaces.

out_ifs

Outgoing interface description strings (IP addresses).

root_hints

The root hints.

stubs

The stub definitions, linked list.

forwards

The forward zone definitions, linked list.

donotqueryaddrs

List of donotquery addresses, linked list.

acls

List of access control entries, linked list.

donotquery_localhost

Use default localhost donotqueryaddr entries.

harden_short_bufsize

Harden against very small edns buffer sizes.

harden_large_queries

Harden against very large query sizes.

harden_glue

Harden against spoofed glue (out of zone data).

harden_dnssec_stripped

Harden against receiving no DNSSEC data for trust anchor.

harden_referral_path

Harden the referral path, query for NS,A,AAAA and validate.

use_caps_bits_for_id

Use 0x20 bits in query as random ID bits.

private_address

Strip away these private addrs from answers, no DNS Rebinding.

private_domain

Allow domain (and subdomains) to use private address space.

unwanted_threshold

What threshold for unwanted action.

chrootdir

Chrootdir, if not “” or chroot will be done.

username

Username to change to, if not “”.

directory

Working directory.

logfile

Filename to log to.

pidfile

Pidfile to write pid to.

use_syslog

Should log messages be sent to syslogd.

hide_identity

Do not report identity (id.server, hostname.bind).

hide_version

Do not report version (version.server, version.bind).

identity

Identity, hostname is returned if “”.

version

Version, package version returned if “”.

module_conf

The module configuration string.

trust_anchor_file_list

Files with trusted DS and DNSKEYs in zonefile format, list.

trust_anchor_list

List of trustanchor keys, linked list.

trusted_keys_file_list

Files with trusted DNSKEYs in named.conf format, list.

dlv_anchor_file

DLV anchor file.

dlv_anchor_list

DLV anchor inline.

max_ttl

The number of seconds maximal TTL used for RRsets and messages.

val_date_override

If not 0, this value is the validation date for RRSIGs.

bogus_ttl

This value sets the number of seconds before revalidating bogus.

val_clean_additional

Should validator clean additional section for secure msgs.

val_permissive_mode

Should validator allow bogus messages to go through.

val_nsec3_key_iterations

Nsec3 maximum iterations per key size, string.

key_cache_size

Size of the key cache.

key_cache_slabs

Slabs in the key cache.

neg_cache_size

Size of the neg cache.

local_zones

Local zones config.

local_zones_nodefault

Local zones nodefault list.

local_data

Local data RRs configured.

remote_control_enable

Remote control section. enable toggle.

control_ifs

The interfaces the remote control should listen on.

control_port

Port number for the control port.

server_key_file

Private key file for server.

server_cert_file

Certificate file for server.

control_key_file

Private key file for unbound-control.

control_cert_file

Certificate file for unbound-control.

do_daemonize

Daemonize, i.e. fork into the background.

python_script

Python script file.