OPNsense Forum

Archive => 19.1 Legacy Series => Topic started by: Nekromantik on June 30, 2019, 02:20:44 pm

Title: unbound stubby broken on LibreSSL
Post by: Nekromantik on June 30, 2019, 02:20:44 pm

Hi
I changed to LibreSSL 19.1.9 and now Unbound and Stubby does not work.
No DNS.
Until I change unbound to use Cloudflare or Quad9.

Anyone know fix?

Title: Re: unbound stubby broken on LibreSSL
Post by: chemlud on June 30, 2019, 03:12:30 pm

Downgrade unbound to 1.8.1. I have a thread here in the forum somewhere, franco provided the knowledge. Alternative: switch to openssl. I did the downgrade and locked unbound for now.

But the next big upgrade of opnsense might ignore the lock and than you (we) are in trouble....

Title: Re: unbound stubby broken on LibreSSL
Post by: Nekromantik on June 30, 2019, 03:49:27 pm

i switched back to openssl
is    QNAME Minimisation working for you?
i cant get it to work with stubby for some reason on either openssl or libressl

Title: Re: unbound stubby broken on LibreSSL
Post by: chemlud on June 30, 2019, 04:16:11 pm

...sorry, no stubby here, I simply use unbound for DNS-over-TLS with LibreSSL. I didn't check what the advantages of stubby in this setup are. :-)

Title: Re: unbound stubby broken on LibreSSL
Post by: chemlud on July 03, 2019, 02:09:44 pm

I installed 19.1.10 (libreSSL and unbound updates) and for the last 2-3 h DNS-over-TLS has been stable! :-)