1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
# ignore-unknown-settings Configuration settings to ignore if they are unknown
ignore-unknown-settings=false
# allow-from If set, only allow these comma separated netmasks to recurse
allow-from=127.0.0.0/8, ::1/128, 2a06:5840::/29, 185.110.148.0/22, 151.216.128.0/17, 88.92.0.0/17
#################################
# config-dir Location of configuration directory (recursor.conf)
config-dir=/etc/powerdns
#################################
# dnssec DNSSEC mode: off/process-no-validate/process (default)/log-fail/validate
#
dnssec=validate
#################################
# dnssec-log-bogus Log DNSSEC bogus validations
dnssec-log-bogus=yes
#################################
# hint-file If set, load root hints from this file
hint-file=/usr/share/dns/root.hints
#################################
# include-dir Include *.conf files from this directory
include-dir=/etc/powerdns/recursor.d
#################################
# local-address IP addresses to listen on, separated by spaces or commas. Also accepts ports.
local-address=185.110.148.132,2a06:5841:f:e::132
# query-local-address Send out local queries from this address, or addresses.
query-local-address=185.110.148.130,185.110.148.131,2a06:5841:f:e::130,2a06:5841:f:e::131
# local-port port to listen on
local-port=53
# loglevel Amount of logging. Higher is more. Do not set below 3
loglevel=4
# lua-config-file More powerful configuration options
lua-config-file=/etc/powerdns/recursor.lua
# quiet Suppress logging of questions and answers
quiet=yes
# serve-rfc1918 If we should be authoritative for RFC 1918 private IP space
serve-rfc1918=yes
# setgid If set, change group id to this gid for more security. When running inside systemd, use the User and Group settings in the unit-file!
setgid=pdns
# setuid If set, change user id to this uid for more security. When running inside systemd, use the User and Group settings in the unit-file!
setuid=pdns
# threads Launch this number of threads
# threads=2
# webserver-address IP Address of webserver to listen on
# webserver-address=127.0.0.1
# webserver-allow-from Webserver access is only allowed from these subnets
# webserver-allow-from=127.0.0.1,::1
# webserver-password Password required for accessing the webserver
# webserver-password=
# webserver-port Port of webserver to listen on
# webserver-port=8082
#
#
socket-mode = 770
|
