
<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=gb2312">

<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>

</head>

<body dir="ltr">

<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Hello.</div>

<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

I just use unbound which listen 53 port to forward the <span style="font-family: Calibri, Arial, Helvetica, sans-serif; background-color: rgb(255, 255, 255); display: inline !important">

queries</span> to 127.0.0.1@5353(dnscrypt v2),but I find it works slowly.When unbound gets a request,it always sends the query to the root-server at first,and then it forward to 127.0.0.1@5353.How can I let unbound forward at first?</div>

<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

I want to use redis to cache,and I also want to use subnet. But the module-config only allows subnetcache or cachedb. </div>

<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

it is my conf:</div>

<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

===================================</div>

<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

<span>server:</span>

<div>verbosity: 1<br>

</div>

<div>num-threads: 2<br>

</div>

<div>#interface: 0.0.0.0<br>

</div>

<div>interface: 0.0.0.0@53<br>

</div>

<div>interface: ::0@53<br>

</div>

<div>interface: 0.0.0.0@853<br>

</div>

<div>interface: ::0@853</div>

<div>prefer-ip6: no </div>

<div>outgoing-num-tcp: 1024  <br>

</div>

<div>incoming-num-tcp: 2048  <br>

</div>

<div>so-rcvbuf: 8m  <br>

</div>

<div>so-sndbuf: 8m  <br>

</div>

<div>so-reuseport: yes <br>

</div>

<div>edns-buffer-size: 4096  <br>

</div>

<div>max-udp-size: 4096  <br>

</div>

<div>msg-buffer-size: 65552  <br>

</div>

<div>msg-cache-size: 64m <br>

</div>

<div>num-queries-per-thread: 2048<br>

</div>

<div>jostle-timeout: 300<br>

</div>

<div>unknown-server-time-limit: 2000<br>

</div>

<div>rrset-cache-size: 512m<br>

</div>

<div>rrset-cache-slabs: 4<br>

</div>

<div>cache-min-ttl: 90<br>

</div>

<div>cache-max-ttl: 43200<br>

</div>

<div>do-ip4: yes<br>

</div>

<div>do-ip6: yes<br>

</div>

<div>do-udp: yes<br>

</div>

<div>do-tcp: yes<br>

</div>

<div>tcp-upstream: no <br>

</div>

<div>udp-upstream-without-downstream: no <br>

</div>

<div>tcp-mss: 0<br>

</div>

<div>outgoing-tcp-mss: 0<br>

</div>

<div>tcp-idle-timeout: 30000<br>

</div>

<div>access-control: 0.0.0.0/0 allow</div>

<div>use-syslog: yes </div>

<div>pidfile: "/var/run/unbound.pid" <br>

</div>

<div>root-hints: "named.cache"  <br>

</div>

<div>hide-identity: yes <br>

</div>

<div>hide-version: yes  </div>

<div>harden-glue: yes<br>

</div>

<div>qname-minimisation: yes <br>

</div>

<div>qname-minimisation-strict: no <br>

</div>

<div>rrset-roundrobin: yes<br>

</div>

<div>prefetch: yes  <br>

</div>

<div>do-not-query-localhost: yes  <br>

</div>

<div>minimal-responses: yes  <br>

</div>

<div>module-config: "subnetcache validator iterator"  <br>

</div>

<div>neg-cache-size: 20m  <br>

</div>

<div>include: "/usr/local/dns/etc/unbound/local.unbound.conf" </div>

<div><br>

</div>

<div>edns-tcp-keepalive: yes<br>

</div>

<div>edns-tcp-keepalive-timeout: 60000  <br>

</div>

<div>auto-trust-anchor-file: "/usr/local/dns/etc/unbound/root.key"<br>

</div>

<div>hide-trustanchor: no <br>

</div>

<div>aggressive-nsec: yes  </div>

<div><br>

</div>

<div>tls-service-key: "/usr/local/dns/etc/tls.key"<br>

</div>

<div>tls-service-pem: "/usr/local/dns/etc/tls.crt"<br>

</div>

<div>tls-port: 853 </div>

<div>tls-upstream: no  </div>

<div>tls-cert-bundle: "/usr/local/dns/etc/certs.pem" <br>

</div>

<div><br>

</div>

<div>send-client-subnet: 0.0.0.0/0<br>

</div>

<div>send-client-subnet: ::0/64</div>

<div><br>

</div>

<div>include: "/usr/local/dns/etc/unbound/whitelist.conf"</div>

<div>forward-zone:<br>

</div>

<div>    name: "."<br>

</div>

<div>    forward-addr: 127.0.0.1@5353  #DNScrypt-proxy<br>

</div>

<div>    forward-first: yes</div>

<div><br>

</div>

<div>#cachedb:<br>

</div>

<div>#     backend: "unbound"<br>

</div>

<div>#     secret-seed: "default"<br>

</div>

<div>#     redis-server-host: 127.0.0.1<br>

</div>

<div>#     redis-server-port: 6379<br>

</div>

<div>#     redis-timeout: 100<br>

</div>

<span></span>=============================================================</div>

<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Thanks.</div>

<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Make.</div>

</body>

</html>