## Simple recursive caching DNS, UDP port 53
## unbound.conf -- https://calomel.org
#
server:
#   access-control: 10.0.0.0/8 allow
   access-control: 127.0.0.0/8 allow
#   access-control: 192.168.0.0/16 allow
#   aggressive-nsec: yes
   cache-max-ttl: 14400
   cache-min-ttl: 300
   hide-identity: yes
   hide-version: yes
   interface: 127.0.0.1
   minimal-responses: yes
   num-threads: 4
   prefetch: yes
   qname-minimisation: yes
   rrset-roundrobin: yes
 # tls-cert-bundle: "/usr/local/share/certs/ca-root-nss.crt"
 # trust-anchor-file: "/usr/local/etc/unbound/root.key"
   use-caps-for-id: yes
   verbosity: 1

forward-zone:
      name: "ipa.champion"
      forward-addr: 192.168.11.254 # Cerberus
forward-zone:
      name: "."
      forward-addr: 1.1.1.1        # Cloudflare
      forward-addr: 1.0.0.1        # Cloudflare
      forward-addr: 8.8.4.4        # Google
      forward-addr: 8.8.8.8        # Google
      forward-addr: 37.235.1.174   # FreeDNS
      forward-addr: 37.235.1.177   # FreeDNS
      forward-addr: 50.116.23.211  # OpenNIC
      forward-addr: 64.6.64.6      # Verisign
      forward-addr: 64.6.65.6      # Verisign
      forward-addr: 74.82.42.42    # Hurricane Electric
      forward-addr: 84.200.69.80   # DNS Watch
      forward-addr: 84.200.70.40   # DNS Watch
      forward-addr: 91.239.100.100 # censurfridns.dk
      forward-addr: 109.69.8.51    # puntCAT
      forward-addr: 208.67.222.220 # OpenDNS
      forward-addr: 208.67.222.222 # OpenDNS
      forward-addr: 216.146.35.35  # Dyn Public
      forward-addr: 216.146.36.36  # Dyn Public