diff --git a/src/etc/inc/unbound.inc b/src/etc/inc/unbound.inc index a8a30220e..11d0cc8c0 100644 --- a/src/etc/inc/unbound.inc +++ b/src/etc/inc/unbound.inc @@ -57,9 +57,6 @@ function unbound_optimization() { $optimization['key_cache_slabs'] = "key-cache-slabs: 4"; } - // Memory usage default of 4MB - $optimization['msg_cache_size'] = "msg-cache-size: 4m"; - $optimization['rrset_cache_size'] = "rrset-cache-size: 8m"; // More outgoing connections per thread otherwise assign a default of 4096 for a single thread if ($numprocs > 0) { 
@@ -222,25 +219,25 @@ EOF; } // Server configuration variables - $port = (is_port($config['unbound']['port'])) ? $config['unbound']['port'] : "53"; - $hide_id = ($config['unbound']['hide_id'] == "on") ? "yes" : "no"; - $hide_version = ($config['unbound']['hide_version'] == "on") ? "yes" : "no"; - $harden_glue = ($config['unbound']['harden_glue'] == "on") ? "yes" : "no"; - $harden_dnssec_stripped = ($config['unbound']['harden_dnssec_stripped'] == "on") ? "yes" : "no"; - $prefetch = ($config['unbound']['prefetch'] == "on") ? "yes" : "no"; - $prefetch_key = ($config['unbound']['prefetch_key'] == "on") ? "yes" : "no"; - $outgoing_num_tcp = (!empty($config['unbound']['outgoing_num_tcp'])) ? $config['unbound']['outgoing_num_tcp'] : "10"; - $incoming_num_tcp = (!empty($config['unbound']['incoming_num_tcp'])) ? $config['unbound']['incoming_num_tcp'] : "10"; - $edns_buffer_size = (!empty($config['unbound']['edns_buffer_size'])) ? $config['unbound']['edns_buffer_size'] : "4096"; - $num_queries_per_thread = (!empty($config['unbound']['num_queries_per_thread'])) ? $config['unbound']['num_queries_per_thread'] : "4096"; - $jostle_timeout = (!empty($config['unbound']['jostle_timeout'])) ? $config['unbound']['jostle_timeout'] : "200"; - $cache_max_ttl = (!empty($config['unbound']['cache_max_ttl'])) ? $config['unbound']['cache_max_ttl'] : "86400"; - $cache_min_ttl = (!empty($config['unbound']['cache_min_ttl'])) ? $config['unbound']['cache_min_ttl'] : "0"; - $infra_host_ttl = (!empty($config['unbound']['infra_host_ttl'])) ? $config['unbound']['infra_host_ttl'] : "900"; - $infra_lame_ttl = (!empty($config['unbound']['infra_lame_ttl'])) ? $config['unbound']['infra_lame_ttl'] : "900"; - $infra_cache_numhosts = (!empty($config['unbound']['infra_cache_numhosts'])) ? $config['unbound']['infra_cache_numhosts'] : "10000"; - $unwanted_reply_threshold = (!empty($config['unbound']['unwanted_reply_threshold'])) ? 
$config['unbound']['unwanted_reply_threshold'] : "0"; + $port = is_port($config['unbound']['port']) ? $config['unbound']['port'] : "53"; + $hide_id = !empty($config['unbound']['hideidentity']) ? "yes" : "no"; + $hide_version = !empty($config['unbound']['hideversion']) ? "yes" : "no"; + $prefetch = !empty($config['unbound']['prefetch']) ? "yes" : "no"; + $prefetch_key = !empty($config['unbound']['prefetchkey']) ? "yes" : "no"; + $outgoing_num_tcp = !empty($config['unbound']['outgoing_num_tcp']) ? $config['unbound']['outgoing_num_tcp'] : "10"; + $incoming_num_tcp = !empty($config['unbound']['incoming_num_tcp']) ? $config['unbound']['incoming_num_tcp'] : "10"; + $edns_buffer_size = !empty($config['unbound']['edns_buffer_size']) ? $config['unbound']['edns_buffer_size'] : "4096"; + $num_queries_per_thread = !empty($config['unbound']['num_queries_per_thread']) ? $config['unbound']['num_queries_per_thread'] : "4096"; + $jostle_timeout = !empty($config['unbound']['jostle_timeout']) ? $config['unbound']['jostle_timeout'] : "200"; + $cache_max_ttl = !empty($config['unbound']['cache_max_ttl']) ? $config['unbound']['cache_max_ttl'] : "86400"; + $cache_min_ttl = !empty($config['unbound']['cache_min_ttl']) ? $config['unbound']['cache_min_ttl'] : "0"; + $infra_host_ttl = !empty($config['unbound']['infra_host_ttl']) ? $config['unbound']['infra_host_ttl'] : "900"; + $infra_cache_numhosts = !empty($config['unbound']['infra_cache_numhosts']) ? $config['unbound']['infra_cache_numhosts'] : "10000"; + $unwanted_reply_threshold = !empty($config['unbound']['unwanted_reply_threshold']) && is_numeric($config['unbound']['unwanted_reply_threshold']) ? $config['unbound']['unwanted_reply_threshold'] : "0"; $verbosity = isset($config['unbound']['log_verbosity']) ? $config['unbound']['log_verbosity'] : 1; + $msgcachesize = !empty($config['unbound']['msgcachesize']) ? 
$config['unbound']['msgcachesize'] : 4; + $rrsetcachesize = $msgcachesize * 2; + $dnssecstripped = !empty($config['unbound']['dnssecstripped']) ? "yes" : "no"; // Set up forwarding if it configured if (isset($config['unbound']['forwarding'])) { @@ -292,6 +289,8 @@ pidfile: "/var/run/unbound.pid" use-syslog: yes port: {$port} verbosity: {$verbosity} +hide-identity: {$hide_id} +hide-version: {$hide_version} harden-referral-path: no do-ip4: yes do-ip6: yes @@ -299,25 +298,24 @@ do-udp: yes do-tcp: yes do-daemonize: yes module-config: "{$module_config}" -unwanted-reply-threshold: 0 -num-queries-per-thread: 1024 -jostle-timeout: 200 -infra-host-ttl: 900 -infra-lame-ttl: 900 -infra-cache-numhosts: 10000 -outgoing-num-tcp: 10 -incoming-num-tcp: 10 -edns-buffer-size: 4096 cache-max-ttl: {$cache_max_ttl} cache-min-ttl: {$cache_min_ttl} -harden-dnssec-stripped: yes +harden-dnssec-stripped: {$dnssecstripped} +outgoing-num-tcp: {$outgoing_num_tcp} +incoming-num-tcp: {$incoming_num_tcp} +edns-buffer-size: {$edns_buffer_size} +num-queries-per-thread: {$num_queries_per_thread} +infra-host-ttl: {$infra_host_ttl} +infra-cache-numhosts: {$infra_cache_numhosts} +unwanted-reply-threshold: {$unwanted_reply_threshold} +jostle-timeout: {$jostle_timeout} +msg-cache-size: {$msgcachesize}m +rrset-cache-size: {$rrsetcachesize}m {$optimization['number_threads']} {$optimization['msg_cache_slabs']} {$optimization['rrset_cache_slabs']} {$optimization['infra_cache_slabs']} {$optimization['key_cache_slabs']} -{$optimization['msg_cache_size']} -{$optimization['rrset_cache_size']} {$optimization['outgoing_range']} {$optimization['so_rcvbuf']} {$anchor_file} @@ -342,6 +340,9 @@ include: {$g['unbound_chroot_path']}/host_entries.conf # Domain overrides include: {$g['unbound_chroot_path']}/domainoverrides.conf +# TODO: DHCP leases should be included here +##include: {$g['unbound_chroot_path']}/dhcpleases.conf + {$custom_options} {$forward_conf}
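Review bot: Of the numeric settings read in this hunk, only `unwanted_reply_threshold` is checked with `is_numeric()`; `outgoing_num_tcp`, `incoming_num_tcp`, `edns_buffer_size`, `num_queries_per_thread`, `jostle_timeout`, `cache_max_ttl`, `cache_min_ttl`, `infra_host_ttl`, `infra_cache_numhosts` and `msgcachesize` are accepted on `!empty()` alone. The template hunk further down now interpolates all of them into unbound.conf where fixed constants used to be. If the GUI form is the only validator (not visible here), a value carrying a newline or other text, for instance from a restored or hand-edited config.xml, would end up as extra configuration lines, and `$msgcachesize * 2` would be computed on a non-numeric string. A digits-only check at the point of use, as sketched below, keeps the generated file well-formed no matter how the value reached the config. The enclosing function starts and ends outside the hunk.

```php
// … unchanged: $port, $hide_id, $hide_version, $prefetch, $prefetch_key …
// Accept only non-empty, digits-only values; anything else falls back to the default.
$unbound_int = function ($key, $default) use ($config) {
	$value = isset($config['unbound'][$key]) ? (string)$config['unbound'][$key] : '';
	return (!empty($value) && ctype_digit($value)) ? $value : $default;
};
$outgoing_num_tcp = $unbound_int('outgoing_num_tcp', "10");
$incoming_num_tcp = $unbound_int('incoming_num_tcp', "10");
$edns_buffer_size = $unbound_int('edns_buffer_size', "4096");
// … same pattern for the remaining numeric settings, including unwanted_reply_threshold …
// … unchanged: $verbosity …
$msgcachesize = (int)$unbound_int('msgcachesize', "4");
$rrsetcachesize = $msgcachesize * 2;
// … unchanged: $dnssecstripped …
```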
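Review bot: `harden-dnssec-stripped` changes here from a fixed `yes` to `{$dnssecstripped}`, which the earlier hunk sets to `"no"` whenever `$config['unbound']['dnssecstripped']` is empty, so an install whose config has never stored that key would come up with the protection switched off after this change. With the option off, a zone under a trust anchor whose DNSSEC data is missing is treated as insecure instead of bogus, which lets responses with signatures stripped in transit be accepted. Unless a config upgrade step elsewhere sets the key for existing installs (not visible in this diff), keep `yes` as the result when the key is absent and document it next to the assignment, e.g. `// harden-dnssec-stripped stays on unless the admin explicitly disables it`.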