aboutsummaryrefslogtreecommitdiffstats
path: root/examples/tg23/dns/recursor-dns2.conf
diff options
context:
space:
mode:
Diffstat (limited to 'examples/tg23/dns/recursor-dns2.conf')
-rw-r--r--examples/tg23/dns/recursor-dns2.conf72
1 files changed, 72 insertions, 0 deletions
diff --git a/examples/tg23/dns/recursor-dns2.conf b/examples/tg23/dns/recursor-dns2.conf
new file mode 100644
index 0000000..34e642b
--- /dev/null
+++ b/examples/tg23/dns/recursor-dns2.conf
@@ -0,0 +1,72 @@
+# ignore-unknown-settings Configuration settings to ignore if they are unknown
+ignore-unknown-settings=false
+
+# allow-from If set, only allow these comma separated netmasks to recurse
+allow-from=127.0.0.0/8, ::1/128, 2a06:5840::/29, 185.110.148.0/22, 151.216.128.0/17, 88.92.0.0/17
+
+#################################
+# config-dir Location of configuration directory (recursor.conf)
+config-dir=/etc/powerdns
+
+#################################
+# dnssec DNSSEC mode: off/process-no-validate/process (default)/log-fail/validate
+#
+dnssec=validate
+
+#################################
+# dnssec-log-bogus Log DNSSEC bogus validations
+dnssec-log-bogus=yes
+
+#################################
+# hint-file If set, load root hints from this file
+hint-file=/usr/share/dns/root.hints
+
+#################################
+# include-dir Include *.conf files from this directory
+include-dir=/etc/powerdns/recursor.d
+
+#################################
+# local-address IP addresses to listen on, separated by spaces or commas. Also accepts ports.
+local-address=185.110.148.132,2a06:5841:f:e::132
+
+# query-local-address Send out local queries from this address, or addresses.
+query-local-address=185.110.148.130,185.110.148.131,2a06:5841:f:e::130,2a06:5841:f:e::131
+
+# local-port port to listen on
+local-port=53
+
+# loglevel Amount of logging. Higher is more. Do not set below 3
+loglevel=4
+
+# lua-config-file More powerful configuration options
+lua-config-file=/etc/powerdns/recursor.lua
+
+# quiet Suppress logging of questions and answers
+quiet=yes
+
+# serve-rfc1918 If we should be authoritative for RFC 1918 private IP space
+serve-rfc1918=yes
+
+# setgid If set, change group id to this gid for more security. When running inside systemd, use the User and Group settings in the unit-file!
+setgid=pdns
+
+# setuid If set, change user id to this uid for more security. When running inside systemd, use the User and Group settings in the unit-file!
+setuid=pdns
+
+# threads Launch this number of threads
+# threads=2
+
+# webserver-address IP Address of webserver to listen on
+# webserver-address=127.0.0.1
+
+# webserver-allow-from Webserver access is only allowed from these subnets
+# webserver-allow-from=127.0.0.1,::1
+
+# webserver-password Password required for accessing the webserver
+# webserver-password=
+
+# webserver-port Port of webserver to listen on
+# webserver-port=8082
+#
+#
+socket-mode = 770 \ No newline at end of file