Tweaks + explicit no log directives added

etc/unbound/unbound.conf

@@ -1,7 +1,7 @@
 # /etc/unbound/unbound.conf : unbound conf. file for cantal
 #
-# Last edition : 2025-07-06
+# Last edition : 2025-07-17
-# Last editor : @Campanu
+# Last editor : Lucas MATHIEU
 #
 
 server:
@@ -31,7 +31,7 @@ server:
 	
 	## Root hints file
 	root-hints: "/etc/unbound/root.hints"
-
+	
 	# Security & privacy
 	harden-algo-downgrade: yes 
 	harden-glue: yes
@@ -39,23 +39,26 @@ server:
 	hide-version: yes
 	qname-minimisation: yes
 	val-clean-additional: yes
-
+	
 	# DNSSEC
 	harden-below-nxdomain: yes
 	harden-dnssec-stripped: yes
 	
 	auto-trust-anchor-file: "/etc/unbound/dnssec/root.key"
-
+	
 	## Disabling capitalization randomization to avoid DNSSEC issues
 	use-caps-for-id: no
-
+	
 	## RFC 8198: Aggressive Use of DNSSEC-Validated Cache
 	aggressive-nsec: yes
-
+	
 	# Tweaks
 	num-threads: 2
 	so-reuseport: yes
 	
+	so-rcvbuf: 4m
+	so-sndbuf: 4m
+	
 	prefetch: yes
 	prefetch-key: yes
 	
@@ -66,34 +69,38 @@ server:
 	rrset-cache-slabs: 2
 	infra-cache-slabs: 2
 	key-cache-slabs: 2
-
+	
 	neg-cache-size: 4m
 	key-cache-size: 16m
-	msg-cache-size: 128m
+	msg-cache-size: 64m
-	rrset-cache-size: 256m
+	rrset-cache-size: 128m
-
+	
 	infra-cache-numhosts: 100000
-
+	
 	## TTL
 	cache-min-ttl: 60
 	cache-max-ttl: 86400
-
+	
 	# RFC 8914: Extended DNS Errors
 	ede: yes
 	ede-serve-expired: yes
-
+	
-    # RFC 8767: Serving Stale Data
+	# RFC 8767: Serving Stale Data
-    serve-expired: yes
+	serve-expired: yes
 	serve-expired-ttl: 86400
 	serve-expired-ttl-reset: no
 	serve-expired-reply-ttl: 30
 	serve-expired-client-timeout: 1800
-
+	
 	# Logging
-	use-syslog: no
 	logfile: "/var/log/unbound.log"
 	verbosity: 1
 	log-time-ascii: yes
+	
+	log-queries: no
+	log-replies: no
+	log-servfail: no
+	log-local-actions: no
 
 remote-control:
 	control-enable: no