bitwhisker
866005c055
- create unbound role - create kea_dhcp role - configure unbound and keadhcp on rt1(z9 host)
19 lines
2.5 KiB
Markdown
19 lines
2.5 KiB
Markdown
# Unbound DNS resolver
|
|
|
|
Role fora a validating, recursive, caching DNS resolver based on [Unbound](https://nlnetlabs.nl/projects/unbound/about/).
|
|
It is designed to be fast and lean and incorporates modern features based on open standards.
|
|
|
|
- [Documentation](https://unbound.docs.nlnetlabs.nl/en/latest/)
|
|
|
|
## Role Customization
|
|
|
|
The following variables can be used to customize this role:
|
|
|
|
| Variable | Type | Default | Description |
|
|
|------------------------------------------|-----------------|-----------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
|
| unbound_install_prometheus_exporter | Boolean | `true` | Whether [Unbound Exporter](https://github.com/letsencrypt/unbound_exporter) should also be installed to expose resolver statistics in prometheus format. |
|
|
| unbound_bind_interfaces | List of Strings | `[0.0.0.0, ::]` | List of interface names or IP addresses on which unbound will listen for dns queries |
|
|
| unbound_enable_unbound_control | Boolean | `true` | Whether the [remote control](https://unbound.docs.nlnetlabs.nl/en/latest/getting-started/configuration.html#set-up-remote-control) feature of unbound should be configured. |
|
|
| unbound_enable_dnssec | Boolean | `true` | Whether dnssec validation should be enabled |
|
|
| unbound_access_control | List of Strings | `[]` | **Required** List of [unbound access control values](https://unbound.docs.nlnetlabs.nl/en/latest/manpages/unbound.conf.html#:~:text=access-control:%20%3CIP%20netblock%3E%20%3Caction%3E) |
|
|
| unbound_disable_systemd_networkd | Boolean | `true` | If true, systemd-networkd is disabled and the local system is pointed towards the configured dns resolver. |
|