Lines Matching full:queries
59 # listen on all interfaces, answer queries from the local subnet.
119 The port number, default 53, on which the server responds to queries.
123 for queries from clients, and answers to clients are given from it.
137 source interface on UDP queries and copy them to replies. This is a lot like
145 queries to authoritative servers and receive their replies. Can be given
151 lines, the interfaces are then used for both purposes. Outgoing queries are
155 outgoing UDP queries will use a randomised source address taken from the
164 to increase the likelihood of IPv6 nameservers being selected for queries.
177 Permit Unbound to open this port or range of ports for use to send queries.
191 queries. Use this to make sure Unbound does not grab a port that another
198 set to 0, or if do\-tcp is "no", no TCP queries to authoritative servers
203 10. If set to 0, or if do\-tcp is "no", no TCP queries from clients are
248 .B num\-queries\-per\-thread: \fI<number>
249 The number of queries that every thread will service simultaneously.
250 If more queries arrive that need servicing, and no queries can be jostled out
251 (see \fIjostle\-timeout\fR), then the queries are dropped. This forces
253 the existing queries. Default depends on compile options, 512 or 1024.
257 results in one roundtrip to the authority servers. If too many queries
258 arrive, then 50% of the queries are allowed to run to completion, and
261 service by slow queries or high query rates. Default 200 milliseconds.
262 The effect is that the qps for long-lasting queries is about
263 (numqueriesperthread / 2) / (average time for such long queries) qps.
264 The qps for short queries can be about (numqueriesperthread / 2)
289 space on UDP port 53 incoming queries. So that short spikes on busy
300 UDP port 53 outgoing queries. This for very busy servers handles spikes
310 If yes, then open dedicated listening sockets for incoming queries for each
312 distribute incoming queries to threads more evenly. Default is yes.
318 At extreme load it could be better to turn it off to distribute the queries
363 owner intended, and thus less queries are made to look up the data.
400 Enable or disable whether ip4 queries are answered or issued. Default is yes.
403 Enable or disable whether ip6 queries are answered or issued. Default is yes.
404 If disabled, queries are not answered on IPv6, and queries are not sent on
410 If enabled, prefer IPv4 transport for sending DNS queries to internet
417 If enabled, prefer IPv6 transport for sending DNS queries to internet
421 Enable or disable whether UDP queries are answered or issued. Default is yes.
424 Enable or disable whether TCP queries are answered or issued. Default is yes.
428 to queries. Value lower than common MSS on Ethernet
435 Maximum segment size (MSS) of TCP socket for outgoing queries
458 .B max-reuse-tcp-queries: \fI<number>\fR
459 The maximum number of queries that can be sent on a persistent TCP
461 This option defaults to 200 queries.
464 Timeout in milliseconds for TCP queries to auth servers.
487 Enable or disable whether the upstream queries use TCP only for transport.
498 Enabled or disable whether the upstream queries use TLS only for transport.
583 If enabled, TLS serviced queries that contained an EDNS Padding option will
590 to padded queries will be padded.
593 .B pad\-queries: \fI<yes or no>
594 If enabled, all queries sent over TLS upstreams will be padded to the closest
595 multiple of the size specified in \fBpad\-queries\-block\-size\fR.
598 .B pad\-queries\-block\-size: \fI<number>
599 The block size with which to pad queries sent over TLS upstreams.
620 buffers contain (partial) DNS queries waiting for request stream completion.
662 The action \fIdeny\fR stops queries from hosts from that netblock.
664 The action \fIrefuse\fR stops queries too, but sends a DNS rcode REFUSED
669 what almost all clients need). Nonrecursive queries are refused.
671 The \fIallow\fR action does allow nonrecursive queries to access the
674 in the reply. This supports normal operations where nonrecursive queries
675 are made for the authoritative data. For nonrecursive queries any replies
685 sends queries to the resolver DNS server with the RD bit cleared.
689 to cache snooping, a technique to use nonrecursive queries to examine
690 the cache contents (for malicious acts). However, nonrecursive queries can
697 dropping may result in (possibly excessive) retried queries.
797 .B log\-queries: \fI<yes or no>
811 Prints the word 'query' and 'reply' with log\-queries and log\-replies.
821 Print log lines that say why queries return SERVFAIL to clients.
844 If enabled id.server and hostname.bind queries are refused.
851 If enabled version.server and version.bind queries are refused.
874 If enabled trustanchor.unbound queries are refused.
893 Very small EDNS buffer sizes from queries are ignored. Default is on, as
896 .B harden\-large\-queries: \fI<yes or no>
897 Very large queries are ignored. Default is off, since it is legal protocol
916 returns nxdomain to queries for a name
926 Harden the referral path by performing additional queries for
953 queries. For domains that do not support 0x20 and also fail with fallback
1018 queries to. Default is yes.
1032 If yes, deny queries of type ANY with an empty response. Default is no.
1069 all queries.
1178 to find out why validation is failing for these queries. At 2, not only
1213 expired records will be served as long as there are queries for it. Default is
1235 queries. Note that enabling this feature implicitly disables enforcement of
1300 to put out all of the queries for the 'lan' upstream. When enabled,
1352 is in the local data that does not cause a nodata reply for AAAA queries.
1357 This answers queries for the zone, and all subdomains of the zone
1363 queries for www.example.com and www.foo.example.com are redirected, so
1375 infected machines without answering the queries.
1379 Ie. answer queries with fixed data and also log the machines that ask.
1535 Configure local data, which is served in reply to queries for it.
1560 Override the localzone type for queries from addresses matching netblock.
1585 and can be used for other queries.
1642 Enable ratelimiting of queries sent to nameserver for performing recursion.
1644 The ratelimit is in queries per second that are allowed. More queries are
1666 Set the amount of queries to rate limit when the limit is exceeded.
1667 If set to 0, all queries are dropped for domains where the limit is
1670 This can make ordinary queries complete (if repeatedly queried for),
1699 Enable global ratelimiting of queries accepted per IP address.
1701 The ratelimit is in queries per second that are allowed. More queries are
1718 Set the amount of queries to rate limit when the limit is exceeded.
1719 If set to 0, all queries are dropped for addresses where the limit is
1722 This can make ordinary queries complete (if repeatedly queried for),
1756 Include an EDNS0 option containing configured ascii string in queries with
1849 AD bit). This setup makes Unbound capable of answering queries for the
1891 Enabled or disable whether the queries to this stub use TLS for transport.
1898 If it is set to "yes" then upstream queries use TCP only for transport regardless of global flag tc…
1910 forward the queries to. The servers listed as \fBforward\-host:\fR and
1919 forward all queries to that other server (unless it can answer from
1951 Enabled or disable whether the queries to this forwarder use TLS for transport.
1960 If it is set to "yes" then upstream queries use TCP only for transport regardless of global flag tc…
1981 uses the SOA timer values and performs SOA UDP queries to detect zone changes.
1985 zone is expired. When a zone is expired, queries are SERVFAIL, and
2014 primaries are listed, the primaries are first probed with UDP SOA queries to
2041 the queries with names in this zone, like one of the authority servers for
2050 for answering recursion queries. Instead of sending queries over the internet
2119 acts like the iterator and validator modules do, on queries and answers.
2209 the client magic from the old cert in their queries until they fetch and update
2220 The shared secret cache is used when a same client is making multiple queries
2250 Additionally, when a client includes the option in its queries, Unbound will
2269 Send client source address in queries for this domain and its subdomains. Can be
2275 \fBsend\-client\-subnet\fR) is applied for all queries, even if the triggering
2276 query contains an ECS record, or only for queries for which the ECS record is
2292 accept in queries. Shorter source masks result in REFUSED answers. Source mask
2297 accept in queries. Shorter source masks result in REFUSED answers. Source mask
2419 other DNS queries.
2547 These are client queries to Unbound.
2606 answer queries with that content.
2634 primaries are listed, the primaries are first probed with UDP SOA queries to
2673 If enabled the zone is authoritatively answered for and queries for the RPZ
2710 num\-queries\-per\-thread: 30
2712 harden\-large\-queries: "yes"