Caching server only

Hi All

I want to set up a caching-only server with unbound on each host that is able to 'survive' some time without the forwarder. Forward and reverse resolving should work. If it can reach the forwarder then it should ask there for all records (@/A/PTR/CNAME/SRV). If it can't reach the forwarder, then it should deliver the answers from cache. Is this config ok for this?

server:
    cache-min-ttl: 0
    cache-max-ttl: 86400
    infra-host-ttl: 900
    infra-cache-numhosts: 10000
    do-ip4: yes
    do-ip6: no
    do-udp: yes
    do-tcp: no
    do-daemonize: yes
    username: "unbound"
    directory: "/etc/unbound"
    use-syslog: yes
    log-time-ascii: yes
    log-queries: yes
    pidfile: "/var/run/unbound/unbound.pid"
    prefetch: yes
    prefetch-key: yes
    rrset-roundrobin: yes
    minimal-responses: yes
    local-zone: "10.in-addr.arpa." nodefault
    local-zone: "16.172.in-addr.arpa." nodefault
    local-zone: "168.192.in-addr.arpa." nodefault
    include: /etc/unbound/local.d/*.conf

include: /etc/unbound/conf.d/*.conf

stub-zone:
    name: "10.in-addr.arpa."
    stub-addr: 10.0.8.27
stub-zone:
    name: "16.172.in-addr.arpa."
    stub-addr: 10.0.8.27
stub-zone:
    name: "168.192.in-addr.arpa."
    stub-addr: 10.0.8.27

forward-zone:
    name: "."
    forward-addr: 10.0.8.27

Best regards
Christoph Kaminski

hi

no one who can give me an answer?

Best regards
Christoph Kaminski

The normal modus operandi of a caching DNS server like unbound is to query a
forwarder (or the root) only when the answer it has locally is already
expired.

TTLs for a lot of properties are very low (300 typically).
Hence, those records would expire very quickly anyway, likely quicker
than you would want them to disappear.

Hence, default settings should work fine for you. Unless you want that
cache to persist for a longer time.

If you expect to have frequent outages of the forwarder though, better
to fix that situation...

Greets,
Jeroen
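
Added example, not part of the thread: a simplified Python model (not Unbound's own code) of the TTL expiry described in the reply above, using the cache-min-ttl and cache-max-ttl values from the posted config. It shows how long a cached record keeps being answered after the forwarder goes down; the host name, address, class and function names are constructed for illustration, and prefetch is not modelled.

```python
# Simplified model of a TTL-bound resolver cache (an illustration, not Unbound).
CACHE_MIN_TTL = 0        # cache-min-ttl from the posted config
CACHE_MAX_TTL = 86400    # cache-max-ttl from the posted config


class ForwarderDown(Exception):
    """Raised by the upstream callable when the forwarder cannot be reached."""


class TtlCache:
    def __init__(self, upstream, min_ttl=CACHE_MIN_TTL, max_ttl=CACHE_MAX_TTL):
        self.upstream = upstream          # callable(name) -> (answer, ttl)
        self.min_ttl, self.max_ttl = min_ttl, max_ttl
        self.entries = {}                 # name -> (answer, absolute expiry)

    def resolve(self, name, now):
        hit = self.entries.get(name)
        if hit and now < hit[1]:          # still within its (clamped) TTL
            return hit[0], "cache"
        try:
            answer, ttl = self.upstream(name)
        except ForwarderDown:
            return None, "servfail"       # expired entry and nobody to ask
        ttl = max(self.min_ttl, min(ttl, self.max_ttl))   # clamp like min/max-ttl
        self.entries[name] = (answer, now + ttl)
        return answer, "forwarder"


def outage_survival(record_ttl, outage_start, probe_times, **limits):
    """Cache one record at t=0, cut the forwarder at outage_start, then probe.

    Returns {probe_time: "cache" | "forwarder" | "servfail"} (times in seconds).
    """
    state = {"up": True}

    def upstream(name):
        if not state["up"]:
            raise ForwarderDown(name)
        return "192.0.2.10", record_ttl   # constructed sample answer

    cache = TtlCache(upstream, **limits)
    cache.resolve("host.example.", 0)     # warm the cache while forwarder is up
    results = {}
    for t in probe_times:
        state["up"] = t < outage_start
        results[t] = cache.resolve("host.example.", t)[1]
    return results


if __name__ == "__main__":
    # A TTL-300 record with the forwarder lost 60 s after it was cached.
    print(outage_survival(300, 60, [100, 299, 300, 600]))
```

With the posted limits, the TTL-300 record is answered from cache until second 300 and fails afterwards; passing min_ttl=3600 stretches that window to an hour, at the cost of serving data older than its publisher intended.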