Not a common problem, but I am using Unbound DNS in connection with NextDNS and I am using DNS over TLS.
The problem is that, as far as I understand, there is only one instance of Unbound I can use for a number of my VLANs, which works rather smoothly. But as NextDNS allows different filtering profiles, I would like to create groups of VLANs per profile. For now I can only override DNS via DHCP and try to directly provide the NextDNS DNS servers to the machine, which means losing functionality.
Ideally I could use instances of Unbound that would allow me a DNS over TLS setting per group of VLANs, or differentiate that within the Unbound instance itself.
Does anyone know whether that can be currently done?
How is NextDNS distinguishing the profiles?
Cheers,
Franco
NextDNS provides unique links for the forwarder and a unique hostname,
i.e.:
v6 -> prefix::profileID, hostname profileID.dns.nextdns.io
v4 -> one of the v4 DNS addresses they use, hostname profileID.dns.nextdns.io
So, when I do the workaround via DHCP, only v6 can be kind of mapped to my ID (profileID); v4 can't be linked to the profile at all.
Thus, the setting would have to be done, as in the attached image, differently per group of VLANs.
Sorry to dig this up, but I'm facing the same challenge at the moment and so far I'm not getting anywhere. Did you get anywhere with this? I'm using Cloudflare but I believe it's the same problem.