server: {% for interface in unbound_interfaces %} interface: {{ interface }} {% endfor %} {% if keepalived_install is defined and keepalived_install %} ip-transparent: yes {% endif %} interface-automatic: yes {% for net in unbound_allowed_clients %} access-control: {{ net.cidr }} {{ net.policy }} {% endfor %} verbosity: {{ unbound_verbosity }} # use all CPUs num-threads: {{ unbound_threads }} prefetch: {{ unbound_prefetch }} # power of 2 close to num-threads msg-cache-slabs: {{ unbound_threads }} rrset-cache-slabs: {{ unbound_threads }} infra-cache-slabs: {{ unbound_threads }} key-cache-slabs: {{ unbound_threads }} # more cache memory, rrset=msg*2 rrset-cache-size: {{ unbound_rrset_cache_size }} msg-cache-size: {{ unbound_rrset_msg_cache_size }} # more outgoing connections # depends on number of cores: 1024/cores - 50 outgoing-range: {{ 1024 // unbound_threads - 50 }} # Larger socket buffer. OS may need config. so-rcvbuf: {{ unbound_so_rcvbuf }} so-sndbuf: {{ unbound_so_sndbuf }} # Faster UDP with multithreading (only on Linux). so-reuseport: {{ unbound_so_reuseport }} # with libevent outgoing-range: {{ unbound_outgoing_range }} num-queries-per-thread: {{ unbound_num_queries_per_thread }} {% if ansible_service_mgr == 'systemd' %} use-systemd: yes do-daemonize: no {% endif %}