cert_ignore_timestamp = true
server_names = ['cisco', 'cisco-familyshield']
listen_addresses = ['127.0.0.1:65053']
## Maximum number of simultaneous client connections to accept
max_clients = 250
## Require servers (from static + remote sources) to satisfy specific properties
# Use servers reachable over IPv4
ipv4_servers = true
# Use servers reachable over IPv6
ipv6_servers = false
# Use servers implementing the DNSCrypt protocol
dnscrypt_servers = true
# Use servers implementing the DNS-over-HTTPS protocol
doh_servers = true
## Require servers defined by remote sources to satisfy specific properties
# Server must support DNS security extensions (DNSSEC)
require_dnssec = false
# Server must not log user queries (declarative)
require_nolog = false
# Server must not enforce its own blacklist (for parental control, ads blocking...)
require_nofilter = false
## Always use TCP to connect to upstream servers
force_tcp = false
## How long a DNS query will wait for a response, in milliseconds
timeout = 2500
## Keepalive for HTTP (HTTPS, HTTP/2) queries, in seconds
keepalive = 30
## Load-balancing
lb_strategy = 'p2'
## Log level
log_level = 2
## log file for the application
# log_file = 'dnscrypt-proxy.log'
## Use the system logger
# use_syslog = true
## Delay, in minutes, after which certificates are reloaded
cert_refresh_delay = 240
## DNSCrypt: Ephemeral_keys (Beta)
dnscrypt_ephemeral_keys = true
## DoH: Disable TLS session tickets - increases privacy but also latency
# tls_disable_session_tickets = false
## DoH: specific cipher suite (Beta)
tls_cipher_suite = [52392, 49199]
## Fallback resolver
fallback_resolver = '194.168.8.100:53'
ignore_system_dns = true
## Automatic log files rotation
# Maximum log files size in MB
log_files_max_size = 10
# How long to keep backup files, in days
log_files_max_age = 5
# Maximum log files backups to keep
log_files_max_backups = 1
## Filters
block_ipv6 = true
## Enable a DNS cache to reduce latency and outgoing traffic
cache = true
## Cache size
cache_size = 512
## Minimum TTL for cached entries
cache_min_ttl = 600
## Maximum TTL for cached entries
cache_max_ttl = 86400
## TTL for negatively cached entries
cache_neg_ttl = 60
[sources]
[sources.'public-resolvers']
urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md']
cache_file = 'public-resolvers.md'
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
refresh_delay = 72
prefix = ''