下面这个是 unbound-control lookup
www.baidu.com 的结果
rto 35799 msec, ttl 709, ping 7239 var 7140 rtt 35799, tA 0, tAAAA 0, tother 0, EDNS 0 assumed.
如果直接 dig 到远程服务器只有 1700msec
以下是 unbound 的配置
server:
verbosity: 1
num-threads: 1
interface: 127.0.0.1
port: 1053
outgoing-range: 60
outgoing-num-tcp: 1
incoming-num-tcp: 1
msg-buffer-size: 8192
msg-cache-size: 100k
msg-cache-slabs: 1
num-queries-per-thread: 30
rrset-cache-size: 100k
rrset-cache-slabs: 1
infra-cache-slabs: 1
infra-cache-numhosts: 10000
do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
tcp-upstream: yes
access-control: 0.0.0.0/0 allow_snoop
chroot: "/etc/unbound"
username: "root"
directory: "/etc/unbound"
pidfile: "/var/run/unbound.pid"
root-hints: "/etc/unbound/named.cache"
hide-identity: yes
hide-version: yes
target-fetch-policy: "2 1 0 0 0 0"
harden-short-bufsize: yes
harden-large-queries: yes
harden-glue: yes
private-address: 10.0.0.0/8
private-address: 172.16.0.0/12
private-address: 192.168.0.0/16
private-address: 169.254.0.0/16
private-address: fd00::/8
private-address: fe80::/10
do-not-query-localhost: yes
prefetch: yes
module-config: "iterator"
key-cache-size: 100k
key-cache-slabs: 1
neg-cache-size: 10k
ssl-upstream: no
python:
# Script file to load
# python-script: "/etc/unbound/ubmodule-tst.py"
# Remote control config section.
remote-control:
control-enable: yes
control-use-cert: no
forward-zone:
name: "."
forward-addr: *.*.*.*@3535
# forward-addr: 114.114.114.114
forward-first: yes