docker-pdns-server/pdns-recursor/config/recursor.conf

# Autogenerated configuration file template
#################################
# aaaa-additional-processing    turn on to do AAAA additional processing (slow)
#
# aaaa-additional-processing=off

#################################
# allow-from    If set, only allow these comma separated netmasks to recurse
#
# allow-from=127.0.0.0/8, 10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fe80::/10

#################################
# allow-from-file       If set, load allowed netmasks from this file
#
# allow-from-file=

#################################
# auth-can-lower-ttl    If we follow RFC 2181 to the letter, an authoritative server can lower the TTL of NS records
#
# auth-can-lower-ttl=off

#################################
# auth-zones    Zones for which we have authoritative data, comma separated domain=file pairs 
#
# auth-zones=

#################################
# chroot        switch to chroot jail
#
# chroot=

#################################
# client-tcp-timeout    Timeout in seconds when talking to TCP clients
#
# client-tcp-timeout=2

#################################
# config-dir    Location of configuration directory (recursor.conf)
#
# config-dir=/etc/powerdns/

#################################
# daemon        Operate as a daemon
#
# daemon=yes

#################################
# delegation-only       Which domains we only accept delegations from
#
# delegation-only=

#################################
# disable-edns  Disable EDNS
#
# disable-edns=

#################################
# disable-edns-ping     Disable EDNSPing
#
# disable-edns-ping=no

#################################
# disable-packetcache   Disable packetcache
#
# disable-packetcache=no

#################################
# dont-query    If set, do not query these netmasks for DNS data
#
# dont-query=127.0.0.0/8, 10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fe80::/10

#################################
# entropy-source        If set, read entropy from this file
#
# entropy-source=/dev/urandom

#################################
# etc-hosts-file        Path to 'hosts' file
#
# etc-hosts-file=/etc/hosts

#################################
# export-etc-hosts      If we should serve up contents from /etc/hosts
#
# export-etc-hosts=off

#################################
# forward-zones Zones for which we forward queries, comma separated domain=ip pairs
#
# forward-zones=

#################################
# forward-zones-file    File with (+)domain=ip pairs for forwarding
#
# forward-zones-file=

#################################
# forward-zones-recurse Zones for which we forward queries with recursion bit, comma separated domain=ip pairs
#
# forward-zones-recurse=

#################################
# hint-file     If set, load root hints from this file
#
# hint-file=

#################################
# ignore-rd-bit Assume each packet requires recursion, for compatability
#
# ignore-rd-bit=off

#################################
# local-address IP addresses to listen on, separated by spaces or commas. Also accepts ports.
#
local-address=0.0.0.0

#################################
# local-port    port to listen on
#
local-port=53

#################################
# log-common-errors     If we should log rather common errors
#
# log-common-errors=yes

#################################
# logging-facility      Facility to log messages as. 0 corresponds to local0
#
# logging-facility=

#################################
# lua-dns-script        Filename containing an optional 'lua' script that will be used to modify dns answers
#
# lua-dns-script=

#################################
# max-cache-entries     If set, maximum number of entries in the main cache
#
# max-cache-entries=1000000

#################################
# max-cache-ttl maximum number of seconds to keep a cached entry in memory
#
# max-cache-ttl=86400

#################################
# max-mthreads  Maximum number of simultaneous Mtasker threads
#
# max-mthreads=2048

#################################
# max-negative-ttl      maximum number of seconds to keep a negative cached entry in memory
#
# max-negative-ttl=3600

#################################
# max-packetcache-entries       maximum number of entries to keep in the packetcache
#
# max-packetcache-entries=500000

#################################
# max-tcp-clients       Maximum number of simultaneous TCP clients
#
# max-tcp-clients=128

#################################
# max-tcp-per-client    If set, maximum number of TCP sessions per client (IP address)
#
# max-tcp-per-client=0

#################################
# network-timeout       Wait this nummer of milliseconds for network i/o
#
# network-timeout=1500

#################################
# no-shuffle    Don't change
#
# no-shuffle=off

#################################
# packetcache-servfail-ttl      maximum number of seconds to keep a cached servfail entry in packetcache
#
# packetcache-servfail-ttl=60

#################################
# packetcache-ttl       maximum number of seconds to keep a cached entry in packetcache
#
# packetcache-ttl=3600

#################################
# pdns-distributes-queries      If PowerDNS itself should distribute queries over threads (EXPERIMENTAL)
#
# pdns-distributes-queries=no

#################################
# processes     Launch this number of processes (EXPERIMENTAL, DO NOT CHANGE)
#
# processes=1

#################################
# query-local-address   Source IP address for sending queries
#
# query-local-address=0.0.0.0

#################################
# query-local-address6  Source IPv6 address for sending queries
#
# query-local-address6=

#################################
# quiet Suppress logging of questions and answers
#
quiet=yes

#################################
# remotes-ringbuffer-entries    maximum number of packets to store statistics for
#
# remotes-ringbuffer-entries=0

#################################
# serve-rfc1918 If we should be authoritative for RFC 1918 private IP space
#
# serve-rfc1918=

#################################
# server-id     Returned when queried for 'server.id' TXT or NSID, defaults to hostname
#
# server-id=

#################################
# setgid        If set, change group id to this gid for more security
#
setgid=pdns

#################################
# setuid        If set, change user id to this uid for more security
#
setuid=pdns

#################################
# single-socket If set, only use a single socket for outgoing queries
#
# single-socket=off

#################################
# soa-minimum-ttl       Don't change
#
# soa-minimum-ttl=0

#################################
# soa-serial-offset     Don't change
#
# soa-serial-offset=0

#################################
# socket-dir    Where the controlsocket will live
#
# socket-dir=/var/run/

#################################
# socket-group  Group of socket
#
# socket-group=

#################################
# socket-mode   Permissions for socket
#
# socket-mode=

#################################
# socket-owner  Owner of socket
#
# socket-owner=

#################################
# spoof-nearmiss-max    If non-zero, assume spoofing after this many near misses
#
# spoof-nearmiss-max=20

#################################
# stack-size    stack size per mthread
#
# stack-size=200000

#################################
# threads       Launch this number of threads
#
# threads=2

#################################
# trace if we should output heaps of logging
#
# trace=off

#################################
# version-string        string reported on version.pdns or version.bind
#
# version-string=PowerDNS Recursor 3.3 $Id: pdns_recursor.cc 1712 2010-09-11 13:40:03Z ahu $