Windows 10 Optimization Guide suggestion - Unbound DNS server?

  1.    02 Apr 2016 #1

    Windows 10 Optimization Guide suggestion - Unbound DNS server?

    Hi all,

    I was wondering, for the Windows 10 optimization guide, it is recommend using another DNS provider. I was wondering if it had been considered to recommend that users install their own DNS Server.

    I personally use Unbound. It's has a very small footprint, easy to install and equally easy to configure and or tweak. I would be willing to help draft instructions as well as share my configuration file. This way users could actually run an even faster DNS service, which their queries would be private, off their own machine.

    If anyone is interested or think this might be of value, let me know and I can draft a simple install guide etc.

    Unbound can be found here: Unbound (yes there is a Windows version).

    Their documentation is here (it's got a lot of options) so don't let your brain explode, 98% of them won't matter to you:

    Unbound documentation

    And if you are curious, once Unbound is installed, it installs as a service. The configuration for that service is located here:

    C:\Program Files (x86)\Unbound and in this file: service.conf

    Here is what my service.conf looks like, just open it in notepad, (you could copy and paste it in to the service.conf file and save it), then just go into services and restart the unbound service it would then have my settings applied.

    # Unbound configuration file on windows.
    # See example.conf for more settings and syntax
    # verbosity level 0-4 of logging
    verbosity: 0

    # if you want to log to a file use
    #logfile: "C:\unbound.log"

    # on Windows, this setting makes reports go into the Application log
    # found in ControlPanels - System tasks - Logs
    #use-syslog: yes

    server: auto-trust-anchor-file: "C:\Program Files (x86)\Unbound\root.key"
    port: 53
    do-ip4: yes
    do-ip6: no
    do-udp: yes
    do-tcp: yes
    prefetch: yes
    prefetch-key: yes
    hide-identity: yes
    hide-version: yes
    harden-glue: yes
    harden-dnssec-stripped: yes
    outgoing-range: 512
    num-queries-per-thread: 1024
    num-threads: 2
    msg-cache-size: 128m
    rrset-cache-size: 256m
    msg-cache-slabs: 8
    rrset-cache-slabs: 8
    infra-cache-slabs: 8
    key-cache-slabs: 8
    key-cache-size: 16m
    so-rcvbuf: 1m
    so-sndbuf: 1m
    cache-min-ttl: 3600
    cache-max-ttl: 172800
    infra-host-ttl: 60
    infra-lame-ttl: 120
    unwanted-reply-threshold: 10000
    infra-cache-numhosts: 10000
    infra-cache-lame-size: 10k
    val-clean-additional: yes
    minimal-responses: yes
    ### Block popular advertising companies
    local-zone: "" redirect
    local-data: " A"
    local-zone: "" redirect
    local-data: " A"
    local-zone: "" redirect
    local-data: " A"
    local-zone: "" redirect
    local-data: " A"
    local-zone: "" redirect
    local-data: " A"
    local-zone: "" redirect
    local-data: " A"

    After that, you just would need to go into your network adapter and get rid of your other DNS server settings, and set your DNS to, apply and BAM - it's a lot faster and you have a lot more privacy this way.

    Feel free to try, not try, set me on fire or ignore this post all together. If you hate it, just uninstall and go back to whatever you were using before. OpenDNS, I mean CiscoDNS will always be there waiting :)


      My ComputerSystem Spec

  2. TairikuOkami's Avatar
    Posts : 3,481
    Home 1809 x64 10.0.17763.165
       02 Apr 2016 #2

    It is not always about being faster, if I wanted a fast DNS, I would use UltraDNS.
    I use OpenDNS, because it blocks malicious websites and provides other services.
      My ComputerSystem Spec

  3. Posts : 10
    Win 10 Pro N x64
       02 Apr 2016 #3

    While I am certainly no fan of the Google ecosystem, sometimes, especially when trouble shooting DNS problems, I tap into their public DNS service to see if that works... They started this public service awhile back. 2009 I think.
    Striaght from Google:
    **************************************************************************************************** ***
    The Google Public DNS IP addresses (IPv4) are as follows:


    The Google Public DNS IPv6 addresses are as follows:

    • 2001:4860:4860::8888
    • 2001:4860:4860::8844

    You can use either address as your primary or secondary DNS server. You can specify both addresses, but do not specify one address as both primary and secondary.

    You can configure Google Public DNS addresses for either IPv4 or IPv6 connections, or both.
    **************************************************************************************************** *****
    Again, If I'm having host resolution problems, I try the IPv4 settings and see if I can reach Google. If that works then it's a clue.
    I suppose you could use Google DNS all the time as your default if you wanted to.
    That's just not my flavor of ice cream, Ha!
    Just an FYI.
    From the heart of the Bayou,
    Mr. J - Now I'm off to read about "unbound", thanks for the tip!
      My ComputerSystem Spec

  4. TairikuOkami's Avatar
    Posts : 3,481
    Home 1809 x64 10.0.17763.165
       02 Apr 2016 #4

    Mr Joey said: View Post
    The Google Public DNS IPv6 addresses are as follows:
    Using IPv6 is not just causing internet problems, it also identifies you personally, there goes the privacy.
      My ComputerSystem Spec

  5. Posts : 10
    Win 10 Pro N x64
       02 Apr 2016 #5

    I didn't know about the IPv6 privacy issue, thanks for that!
    Ya, I reckon anytime I use Google for anything, privacy is pretty much out the window. I just don't trust those folks.
    Mr. J.
      My ComputerSystem Spec


Related Threads
No optimization in Windows 10? Help in Performance & Maintenance how can u fix this problrm?
Hi All, I've tried to run the upgrade from Windows 7 to 10. It fails with the pre-requisite as I had the WSUS 3.0 SP2 admin console installed. I uninstalled this and tried to resume but it still thinks it's installed and won't progress. I've...
Read more: Windows Threshold wave 2 will focus primarily on optimization
Read more: Windows Server 2016 leaks reveal Nano Server, protected VM role plans | ZDNet
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 11:09.
Find Us