Date: Wed, 31 May 2023 08:20:11 +0000 From: "Dave Cottlehuber" <dch@skunkwerks.at> To: =?UTF-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@FreeBSD.org> Cc: questions@freebsd.org Subject: Re: unbound Message-ID: <4bac270b-78cc-475e-8a0a-153d615b2f77@app.fastmail.com> In-Reply-To: <86mt1lk1ef.fsf@ltc.des.no> References: <20230513053351.6e101f66@dismail.de> <4d7fe7b8-bbd5-e10d-41ee-2b6d46ddb39a@slagle.net> <20230513174552.6d1a05e8@dismail.de> <6538db87-9927-4bd9-a837-d66137c933a3@app.fastmail.com> <86mt1lk1ef.fsf@ltc.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 30 May 2023, at 20:30, Dag-Erling Sm=C3=B8rgrav wrote: > "Dave Cottlehuber" <dch@skunkwerks.at> writes: >> https://support.quad9.net/hc/en-us/articles/7200715305997-DNS-over-TL= S-FreeBSD-with-local-unbound >> has a full config on their site, which can be summarised as defaults + > > This is bad advice, please see this instead: > > https://blog.des.no/2018/10/dns-over-tls-in-freebsd-12/ > > (just replace the cloudflare addresses with quad9 addresses) > > DES > --=20 > Dag-Erling Sm=C3=B8rgrav - des@FreeBSD.org Thanks DES for a better solution, TIL. I'll see if we can persuade quad9 to update their docs. local_unbound_enable=3DYES local_unbound_tls=3DYES local_unbound_forwarders=3D"9.9.9.9@853#quad9.net 149.112.112.112@853#qu= ad9.net" Running that (for ipv4 config only) yields: forward-zone: name: . forward-tls-upstream: yes forward-addr: 9.9.9.9@853#quad9.net forward-addr: 149.112.112.112@853#quad9.net A+ Dave
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4bac270b-78cc-475e-8a0a-153d615b2f77>