Lines Matching +full:max +full:- +full:msg +full:- +full:size

4 .nr rst2man-indent-level 0
7 \\$1 \\n[an-margin]
8 level \\n[rst2man-indent-level]
9 level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
10 -
11 \\n[rst2man-indent0]
12 \\n[rst2man-indent1]
13 \\n[rst2man-indent2]
18 . nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
19 . nr rst2man-indent-level +1
24 .\" indent \\n[an-margin]
25 .\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
26 .nr rst2man-indent-level -1
27 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
30 .TH "UNBOUND-CONTROL" "8" "Oct 22, 2025" "1.24.1" "Unbound"
32 unbound-control \- Unbound 1.24.1 remote server control utility.
35 \fBunbound\-control\fP [\fB\-hq\fP] [\fB\-c cfgfile\fP] [\fB\-s server\fP] command
38 \fBunbound\-control\fP performs remote administration on the
46 .B \-h
51 .B \-c <cfgfile>
58 .B \-s <server[@port]>
64 .B \-q
77 It is started with the config file specified using \fI\%\-c\fP or the
136 \fI\%access\-control\fP and similar options,
137 \fI\%interface\-action\fP and similar
139 \fI\%tcp\-connection\-limit\fP\&.
141 \fI\%define\-tag\fP
144 \fI\%insecure\-lan\-zones\fP,
145 \fI\%domain\-insecure\fP,
146 \fI\%trust\-anchor\-file\fP,
147 \fI\%trust\-anchor\fP,
148 \fI\%trusted\-keys\-file\fP,
149 \fI\%auto\-trust\-anchor\-file\fP,
150 \fI\%edns\-client\-string\fP,
152 \fI\%log\-identity\fP,
153 \fI\%infra\-cache\-numhosts\fP,
154 \fI\%msg\-cache\-size\fP,
155 \fI\%rrset\-cache\-size\fP,
156 \fI\%key\-cache\-size\fP,
157 \fI\%ratelimit\-size\fP,
158 \fI\%neg\-cache\-size\fP,
159 \fI\%num\-queries\-per\-thread\fP,
160 \fI\%jostle\-timeout\fP,
161 \fI\%use\-caps\-for\-id\fP,
162 \fI\%unwanted\-reply\-threshold\fP,
163 \fI\%tls\-use\-sni\fP,
164 \fI\%outgoing\-tcp\-mss\fP,
165 \fI\%ip\-dscp\fP,
166 \fI\%max\-reuse\-tcp\-queries\fP,
167 \fI\%tcp\-reuse\-timeout\fP,
168 \fI\%tcp\-auth\-query\-timeout\fP,
169 \fI\%delay\-close\fP\&.
170 \fI\%iter\-scrub\-promiscuous\fP\&.
174 \fI\%outgoing\-interface\fP changes,
177 \fI\%outgoing\-port\-permit\fP,
178 \fI\%outgoing\-port\-avoid\fP,
179 \fI\%msg\-buffer\-size\fP,
180 any \fB*\-slabs\fP options and
181 \fI\%statistics\-interval\fP changes.
184 \fI\%dnstap\-log\-resolver\-query\-messages\fP,
185 \fI\%dnstap\-log\-resolver\-response\-messages\fP,
186 \fI\%dnstap\-log\-client\-query\-messages\fP,
187 \fI\%dnstap\-log\-client\-response\-messages\fP,
188 \fI\%dnstap\-log\-forwarder\-query\-messages\fP and
189 \fI\%dnstap\-log\-forwarder\-response\-messages\fP\&.
192 \fI\%dnstap\-enable\fP,
193 \fI\%dnstap\-bidirectional\fP,
194 \fI\%dnstap\-socket\-path\fP,
195 \fI\%dnstap\-ip\fP,
196 \fI\%dnstap\-tls\fP,
197 \fI\%dnstap\-tls\-server\-name\fP,
198 \fI\%dnstap\-tls\-cert\-bundle\fP,
199 \fI\%dnstap\-tls\-client\-key\-file\fP and
200 \fI\%dnstap\-tls\-client\-cert\-file\fP\&.
203 \fI\%dnstap\-send\-identity\fP,
204 \fI\%dnstap\-send\-version\fP,
205 \fI\%dnstap\-identity\fP, and
206 \fI\%dnstap\-version\fP can be loaded
233 \fI\%val\-bogus\-ttl\fP,
234 \fI\%val\-override\-date\fP,
235 \fI\%val\-sig\-skew\-min\fP,
236 \fI\%val\-sig\-skew\-max\fP,
237 \fI\%val\-max\-restart\fP,
238 \fI\%val\-nsec3\-keysize\-iterations\fP,
239 \fI\%target\-fetch\-policy\fP,
240 \fI\%outbound\-msg\-retry\fP,
241 \fI\%max\-sent\-count\fP,
242 \fI\%max\-query\-restarts\fP,
243 \fI\%do\-not\-query\-address\fP,
244 \fI\%do\-not\-query\-localhost\fP,
245 \fI\%private\-address\fP,
246 \fI\%private\-domain\fP,
247 \fI\%caps\-exempt\fP,
248 \fI\%nat64\-prefix\fP,
249 \fI\%do\-nat64\fP,
250 \fI\%infra\-host\-ttl\fP,
251 \fI\%infra\-keep\-probing\fP,
253 \fI\%ip\-ratelimit\fP,
254 \fI\%ip\-ratelimit\-cookie\fP,
255 \fI\%wait\-limit\-netblock\fP,
256 \fI\%wait\-limit\-cookie\-netblock\fP,
257 \fI\%ratelimit\-below\-domain\fP,
258 \fI\%ratelimit\-for\-domain\fP\&.
270 \fI\%define\-tag\fP option,
308 \fBstatistics\-cumulative:\fP config statement.
329 Like local\-zone config statement.
343 Like \fBlocal\-data:\fP keyword, except for when no covering zone exists.
359 Add local zones read from stdin of unbound\-control.
366 Remove local zones read from stdin of unbound\-control.
373 Add local data RRs read from stdin of unbound\-control.
380 Remove local data RRs read from stdin of unbound\-control.
389 Not supported in remote Unbounds in multi\-process operation.
400 Not supported in remote Unbounds in multi\-process operation.
449 with serve\-expired enabled, it\(aqll serve that information but schedule a
469 the dnssec key cache, and iterator last\-resort lookup failures from the
527 The values that work are: statistics\-interval, statistics\-cumulative,
528 do\-not\-query\-localhost,  harden\-short\-bufsize, harden\-large\-queries,
529 harden\-glue, harden\-dnssec\-stripped, harden\-below\-nxdomain,
530 harden\-referral\-path,  prefetch, prefetch\-key, log\-queries, hide\-identity,
531 hide\-version, identity, version, val\-log\-level, val\-log\-squelch,
532 ignore\-cd\-flag, add\-holddown, del\-holddown, keep\-missing, tcp\-upstream,
533 ssl\-upstream, max\-udp\-size, ratelimit, ip\-ratelimit, cache\-max\-ttl,
534 cache\-min\-ttl, cache\-max\-negative\-ttl.
569 List the zones with domain\-insecure.
586 Add a domain\-insecure for the given zone, like the statement in
595 Removes domain\-insecure for the given zone.
601 With \fB+i\fP option also adds a domain\-insecure for the zone (so it can
604 The addr can be IP4, IP6 or nameserver names, like forward\-zone config in
607 \fI\%forward\-tls\-upstream: yes\fP\&.
613 The \fB+i\fP also removes a domain\-insecure for the zone.
619 With \fB+i\fP option also adds a domain\-insecure for the zone.
622 The addr can be IP4, IP6 or nameserver names, like the \fBstub\-zone:\fP
625 \fI\%stub\-tls\-upstream: yes\fP\&.
631 The \fB+i\fP also removes a domain\-insecure for the zone.
643 On startup this is from the forward\-zone \fB\(dq.\(dq\fP configuration.
649 This can be used to avoid to avoid buggy or non\-DNSSEC supporting
699 \fBfor\-upstream: yes\fP and that can be cleared with \fBflush_zone\fP \fIzone\fP\&.
794 \fI\%cookie\-secret\-file\fP
816 The \fBunbound\-control\fP program exits with status code 1 on error, 0 on
820 The setup requires a self\-signed certificate and private keys for both the
822 The script \fBunbound\-control\-setup\fP generates these in the default run
823 directory, or with \fB\-d\fP in another directory.
825 who can use \fBunbound\-control\fP, by default owner and group but not all users.
834 sudo \-u unbound unbound\-control\-setup
844 \fI\%control\-enable\fP in
879 number of queries removed due to discard\-timeout by thread
884 number of queries removed due to wait\-limit by thread
946 .B threadX.query.queue_time_us.max 
949 \fI\%sock\-queue\-timeout\fP is enabled.
966 .B threadX.requestlist.max 
967 Maximum size attained by the internal recursive processing request list.
987 Current size of the request list, includes internally generated queries
993 Current size of the request list, only the requests from client queries.
1017 This helps you spot if the incoming\-num\-tcp buffers are full.
1106 .B total.query.queue_time_us.max 
1121 .B total.requestlist.max 
1122 the maximum of the thread requestlist.max values.
1240 Number of queries with query types 256\-65535.
1249 num.query.class.other is printed for classes 256\-65535.
1409 .B msg.cache.count 
1434 .B msg.cache.max_collisions 
1435 The maximum number of hash table collisions in the msg cache.
1473 The number of queries answered from auth\-zone data, upstream queries.
1480 The number of queries for downstream answered from auth\-zone data.
1525 Possible actions are: nxdomain, nodata, passthru, drop, tcp\-only,
1526 local\-data, disabled, and cname\-override.
1536 \fBunbound_control.key\fP) and self\-signed certificates
1546 1999-2025, NLnet Labs