# CurveDNS configuration file.

# IP(s) CurveDNS should listen on (comma separated list)
# this is passed to curvedns(8) as first parameter
IP=127.0.0.1

# Port CurveDNS will listen on (53 ist the default for DNS)
# this is passed to curvedns(8) as second parameter
PORT=53

# IP of your authoritative nameserver (incoming quieries will be forwarded to this server)
# this is passed to curvedns(8) as third parameter
REMOTEIP=127.0.0.2

# Port of the DNS daemon on authoritative nameserver listens on (53 is the default for DNS)
# this is passed to curvedns(8) as fourth parameter
REMOTEPORT=53

# Directory to chroot into after startup
ROOT=/var/lib/curvedns/empty

# Nonce separation
# When several servers share a key, than servers must use separate nonces, for example:
# the first of four servers is configured to use CURVEDNS_NONCE_SEPARATION_BITS='100',
# the second is configured to use CURVEDNS_NONCE_SEPARATION_BITS='101',
# the third is configured to use CURVEDNS_NONCE_SEPARATION_BITS='110', and
# the fourth is configured to use CURVEDNS_NONCE_SEPARATION_BITS='111'.
#
# CURVEDNS_NONCE_SEPARATION_BITS='' means no separation bits.
# CURVEDNS_NONCE_SEPARATION_BITS is limited by 16bits (65536 variants),
# e.g. CURVEDNS_NONCE_SEPARATION_BITS='1111111111111111'
#
# By default we set '0'. So we have space to switch to
# CURVEDNS_NONCE_SEPARATION_BITS starting with 1 in the future.
CURVEDNS_NONCE_SEPARATION_BITS='0'

#Optionnal CurveDNS configuration, see curvedns(8)
#CURVEDNS_INTERNAL_TIMEOUT=1.2
#CURVEDNS_UDP_TRIES=2
#CURVEDNS_TCP_NUMBER=25
#CURVEDNS_TCP_TIMEOUT=60.0
#CURVEDNS_SHARED_SECRETS=5000
#CURVEDNS_DEBUG=5
#CURVEDNS_SOURCE_IP=xx.xx.xx.xx
