fix(dns): tweak unbound setting again

Still seeing some intermittent issues with DNS resolution.
Vegard Hagen
2025-01-02 14:38:58 +01:00
parent 668f052356
commit e4fbd938c1
3 changed files with 22 additions and 16 deletions


@@ -19,8 +19,8 @@ dns:
ratelimit_subnet_len_ipv6: 56 ratelimit_subnet_len_ipv6: 56
ratelimit_whitelist: [ ] ratelimit_whitelist: [ ]
refuse_any: true refuse_any: true
upstream_dns: #upstream_dns:
- 10.96.0.11 # - 10.96.0.11
upstream_dns_file: "" upstream_dns_file: ""
bootstrap_dns: bootstrap_dns:
- 10.96.0.11 - 10.96.0.11
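Review bot: Commenting out `upstream_dns` and its `- 10.96.0.11` entry leaves this resolver with no explicit upstream, since `upstream_dns_file` is also `""`. If this is the AdGuard Home config, as the key names suggest, an empty upstream list is presumably replaced by the application's built-in default upstream, so client queries would go to a third party instead of the local unbound at 10.96.0.11 that `bootstrap_dns` still points at; confirm this in the query log. If unbound is being taken out of the path on purpose, say so above the key, e.g. `# upstream disabled while debugging unbound; application default is used instead`, or set the intended upstream explicitly.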


@@ -10,7 +10,7 @@ server:
do-ip4: yes do-ip4: yes
do-ip6: yes do-ip6: yes
prefer-ip6: yes prefer-ip6: no
do-tcp: yes do-tcp: yes
do-udp: yes do-udp: yes
@@ -24,7 +24,8 @@ server:
log-servfail: yes log-servfail: yes
logfile: /opt/unbound/etc/unbound/unbound.log logfile: /opt/unbound/etc/unbound/unbound.log
verbosity: 2 log-time-ascii: yes
verbosity: 0
infra-cache-slabs: 4 infra-cache-slabs: 4
incoming-num-tcp: 10 incoming-num-tcp: 10
@@ -34,7 +35,7 @@ server:
msg-cache-slabs: 4 msg-cache-slabs: 4
num-queries-per-thread: 4096 num-queries-per-thread: 4096
num-threads: 3 num-threads: 1
outgoing-range: 8192 outgoing-range: 8192
@@ -47,10 +48,13 @@ server:
prefetch-key: yes prefetch-key: yes
serve-expired: yes serve-expired: yes
serve-expired-ttl: 172800 # between 86400 (1 day) and 259200 (3 days)
serve-expired-client-timeout: 1800 # RFC 8767 recommended value
so-reuseport: yes so-reuseport: yes
so-rcvbuf: 1m
#aggressive-nsec: yes aggressive-nsec: yes
delay-close: 10000 delay-close: 10000
@@ -60,7 +64,7 @@ server:
neg-cache-size: 4M neg-cache-size: 4M
#qname-minimisation: yes qname-minimisation: yes
access-control: 127.0.0.1/32 allow access-control: 127.0.0.1/32 allow
access-control: 192.168.0.0/16 allow access-control: 192.168.0.0/16 allow
@@ -112,18 +116,18 @@ server:
max-global-quota: 1000 max-global-quota: 1000
# https://github.com/NLnetLabs/unbound/issues/362 # https://github.com/NLnetLabs/unbound/issues/362
qname-minimisation: no #qname-minimisation: no
aggressive-nsec: no #aggressive-nsec: no
infra-keep-probing: yes infra-keep-probing: yes
infra-cache-min-rtt: 1000 infra-cache-min-rtt: 2000
infra-cache-max-rtt: 2000 infra-cache-max-rtt: 15000
infra-host-ttl: 10 infra-host-ttl: 5
outbound-msg-retry: 128 outbound-msg-retry: 64
max-sent-count: 256 max-sent-count: 128
udp-connect: no #udp-connect: no
#ede: yes #ede: yes
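Review bot: The last hunk comments out `qname-minimisation: no` and `aggressive-nsec: no` but keeps the `# https://github.com/NLnetLabs/unbound/issues/362` link above them, while earlier hunks switch both options on (`aggressive-nsec: yes`, `qname-minimisation: yes`). The link reads as the reason the options were disabled, so the file now enables two features next to a pointer to a known problem, with no note on why it no longer applies. Replace the commented-out pair with a comment beside the enabled options, e.g. `# re-enabled; was off because of NLnetLabs/unbound#362 - set back to no if SERVFAILs return`. Because `verbosity` drops to 0 in the same commit, `log-servfail: yes` is the main signal left for spotting a regression and should stay on.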


@@ -3,8 +3,10 @@ kind: Service
metadata: metadata:
name: unbound name: unbound
namespace: dns namespace: dns
annotations:
io.cilium/lb-ipam-ips: 192.168.1.252
spec: spec:
type: ClusterIP type: LoadBalancer
# https://kubernetes.io/docs/concepts/services-networking/cluster-ip-allocation/ # https://kubernetes.io/docs/concepts/services-networking/cluster-ip-allocation/
clusterIP: 10.96.0.11 clusterIP: 10.96.0.11
ports: ports:
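Review bot: Switching `type` to `LoadBalancer` with `io.cilium/lb-ipam-ips: 192.168.1.252` puts the resolver on a LAN address, and nothing in the visible part of `spec` limits who can reach it or preserves the client address. With the default external traffic policy, queries may reach unbound with a translated source address, so the `access-control` entries in the unbound config would match the node or pod network rather than the real client; whether that happens depends on how Cilium is set up. Consider adding `externalTrafficPolicy: Local` and a `loadBalancerSourceRanges` list under `spec`. The `spec` mapping continues past the end of the hunk, so these may already be set further down.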