unbound-control.8.in - OpenGrok cross reference for /freebsd/contrib/unbound/doc/unbound-control.8.in

Lines Matching +full:cpu +full:- +full:viewed
4 .nr rst2man-indent-level 0
7 \\$1 \\n[an-margin]
8 level \\n[rst2man-indent-level]
9 level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
10 -
11 \\n[rst2man-indent0]
12 \\n[rst2man-indent1]
13 \\n[rst2man-indent2]
18 . nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
19 . nr rst2man-indent-level +1
24 .\" indent \\n[an-margin]
25 .\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
26 .nr rst2man-indent-level -1
27 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
30 .TH "UNBOUND-CONTROL" "8" "Oct 22, 2025" "1.24.1" "Unbound"
32 unbound-control \- Unbound 1.24.1 remote server control utility.
35 \fBunbound\-control\fP [\fB\-hq\fP] [\fB\-c cfgfile\fP] [\fB\-s server\fP] command
38 \fBunbound\-control\fP performs remote administration on the
46 .B \-h
51 .B \-c <cfgfile>
58 .B \-s <server[@port]>
64 .B \-q
77 It is started with the config file specified using \fI\%\-c\fP or the
136 \fI\%access\-control\fP and similar options,
137 \fI\%interface\-action\fP and similar
139 \fI\%tcp\-connection\-limit\fP\&.
141 \fI\%define\-tag\fP
144 \fI\%insecure\-lan\-zones\fP,
145 \fI\%domain\-insecure\fP,
146 \fI\%trust\-anchor\-file\fP,
147 \fI\%trust\-anchor\fP,
148 \fI\%trusted\-keys\-file\fP,
149 \fI\%auto\-trust\-anchor\-file\fP,
150 \fI\%edns\-client\-string\fP,
152 \fI\%log\-identity\fP,
153 \fI\%infra\-cache\-numhosts\fP,
154 \fI\%msg\-cache\-size\fP,
155 \fI\%rrset\-cache\-size\fP,
156 \fI\%key\-cache\-size\fP,
157 \fI\%ratelimit\-size\fP,
158 \fI\%neg\-cache\-size\fP,
159 \fI\%num\-queries\-per\-thread\fP,
160 \fI\%jostle\-timeout\fP,
161 \fI\%use\-caps\-for\-id\fP,
162 \fI\%unwanted\-reply\-threshold\fP,
163 \fI\%tls\-use\-sni\fP,
164 \fI\%outgoing\-tcp\-mss\fP,
165 \fI\%ip\-dscp\fP,
166 \fI\%max\-reuse\-tcp\-queries\fP,
167 \fI\%tcp\-reuse\-timeout\fP,
168 \fI\%tcp\-auth\-query\-timeout\fP,
169 \fI\%delay\-close\fP\&.
170 \fI\%iter\-scrub\-promiscuous\fP\&.
174 \fI\%outgoing\-interface\fP changes,
177 \fI\%outgoing\-port\-permit\fP,
178 \fI\%outgoing\-port\-avoid\fP,
179 \fI\%msg\-buffer\-size\fP,
180 any \fB*\-slabs\fP options and
181 \fI\%statistics\-interval\fP changes.
184 \fI\%dnstap\-log\-resolver\-query\-messages\fP,
185 \fI\%dnstap\-log\-resolver\-response\-messages\fP,
186 \fI\%dnstap\-log\-client\-query\-messages\fP,
187 \fI\%dnstap\-log\-client\-response\-messages\fP,
188 \fI\%dnstap\-log\-forwarder\-query\-messages\fP and
189 \fI\%dnstap\-log\-forwarder\-response\-messages\fP\&.
192 \fI\%dnstap\-enable\fP,
193 \fI\%dnstap\-bidirectional\fP,
194 \fI\%dnstap\-socket\-path\fP,
195 \fI\%dnstap\-ip\fP,
196 \fI\%dnstap\-tls\fP,
197 \fI\%dnstap\-tls\-server\-name\fP,
198 \fI\%dnstap\-tls\-cert\-bundle\fP,
199 \fI\%dnstap\-tls\-client\-key\-file\fP and
200 \fI\%dnstap\-tls\-client\-cert\-file\fP\&.
203 \fI\%dnstap\-send\-identity\fP,
204 \fI\%dnstap\-send\-version\fP,
205 \fI\%dnstap\-identity\fP, and
206 \fI\%dnstap\-version\fP can be loaded
223 viewed consistently, either old or new values together.
233 \fI\%val\-bogus\-ttl\fP,
234 \fI\%val\-override\-date\fP,
235 \fI\%val\-sig\-skew\-min\fP,
236 \fI\%val\-sig\-skew\-max\fP,
237 \fI\%val\-max\-restart\fP,
238 \fI\%val\-nsec3\-keysize\-iterations\fP,
239 \fI\%target\-fetch\-policy\fP,
240 \fI\%outbound\-msg\-retry\fP,
241 \fI\%max\-sent\-count\fP,
242 \fI\%max\-query\-restarts\fP,
243 \fI\%do\-not\-query\-address\fP,
244 \fI\%do\-not\-query\-localhost\fP,
245 \fI\%private\-address\fP,
246 \fI\%private\-domain\fP,
247 \fI\%caps\-exempt\fP,
248 \fI\%nat64\-prefix\fP,
249 \fI\%do\-nat64\fP,
250 \fI\%infra\-host\-ttl\fP,
251 \fI\%infra\-keep\-probing\fP,
253 \fI\%ip\-ratelimit\fP,
254 \fI\%ip\-ratelimit\-cookie\fP,
255 \fI\%wait\-limit\-netblock\fP,
256 \fI\%wait\-limit\-cookie\-netblock\fP,
257 \fI\%ratelimit\-below\-domain\fP,
258 \fI\%ratelimit\-for\-domain\fP\&.
270 \fI\%define\-tag\fP option,
308 \fBstatistics\-cumulative:\fP config statement.
329 Like local\-zone config statement.
343 Like \fBlocal\-data:\fP keyword, except for when no covering zone exists.
359 Add local zones read from stdin of unbound\-control.
366 Remove local zones read from stdin of unbound\-control.
373 Add local data RRs read from stdin of unbound\-control.
380 Remove local data RRs read from stdin of unbound\-control.
389 Not supported in remote Unbounds in multi\-process operation.
400 Not supported in remote Unbounds in multi\-process operation.
449 with serve\-expired enabled, it\(aqll serve that information but schedule a
469 the dnssec key cache, and iterator last\-resort lookup failures from the
527 The values that work are: statistics\-interval, statistics\-cumulative,
528 do\-not\-query\-localhost,  harden\-short\-bufsize, harden\-large\-queries,
529 harden\-glue, harden\-dnssec\-stripped, harden\-below\-nxdomain,
530 harden\-referral\-path,  prefetch, prefetch\-key, log\-queries, hide\-identity,
531 hide\-version, identity, version, val\-log\-level, val\-log\-squelch,
532 ignore\-cd\-flag, add\-holddown, del\-holddown, keep\-missing, tcp\-upstream,
533 ssl\-upstream, max\-udp\-size, ratelimit, ip\-ratelimit, cache\-max\-ttl,
534 cache\-min\-ttl, cache\-max\-negative\-ttl.
569 List the zones with domain\-insecure.
586 Add a domain\-insecure for the given zone, like the statement in
595 Removes domain\-insecure for the given zone.
601 With \fB+i\fP option also adds a domain\-insecure for the zone (so it can
604 The addr can be IP4, IP6 or nameserver names, like forward\-zone config in
607 \fI\%forward\-tls\-upstream: yes\fP\&.
613 The \fB+i\fP also removes a domain\-insecure for the zone.
619 With \fB+i\fP option also adds a domain\-insecure for the zone.
622 The addr can be IP4, IP6 or nameserver names, like the \fBstub\-zone:\fP
625 \fI\%stub\-tls\-upstream: yes\fP\&.
631 The \fB+i\fP also removes a domain\-insecure for the zone.
643 On startup this is from the forward\-zone \fB\(dq.\(dq\fP configuration.
649 This can be used to avoid to avoid buggy or non\-DNSSEC supporting
699 \fBfor\-upstream: yes\fP and that can be cleared with \fBflush_zone\fP \fIzone\fP\&.
794 \fI\%cookie\-secret\-file\fP
816 The \fBunbound\-control\fP program exits with status code 1 on error, 0 on
820 The setup requires a self\-signed certificate and private keys for both the
822 The script \fBunbound\-control\-setup\fP generates these in the default run
823 directory, or with \fB\-d\fP in another directory.
825 who can use \fBunbound\-control\fP, by default owner and group but not all users.
834 sudo \-u unbound unbound\-control\-setup
844 \fI\%control\-enable\fP in
879 number of queries removed due to discard\-timeout by thread
884 number of queries removed due to wait\-limit by thread
949 \fI\%sock\-queue\-timeout\fP is enabled.
1017 This helps you spot if the incoming\-num\-tcp buffers are full.
1240 Number of queries with query types 256\-65535.
1249 num.query.class.other is printed for classes 256\-65535.
1456 Shared secrets are CPU intensive and this cache allows Unbound to avoid
1473 The number of queries answered from auth\-zone data, upstream queries.
1480 The number of queries for downstream answered from auth\-zone data.
1525 Possible actions are: nxdomain, nodata, passthru, drop, tcp\-only,
1526 local\-data, disabled, and cname\-override.
1536 \fBunbound_control.key\fP) and self\-signed certificates
1546 1999-2025, NLnet Labs