Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Error reconfiguring IDS
error installing ids rules (Error (1))
Can Unbound DNS probe every server I have listed and serve up the result which responded first? If so, how would I configure this?This used to be possible with DNSMASQ, there was a separate ability to query sequentially, or with with a round robin style for all specified DNS servers.
However, for Unbound, I'm only aware of it using a round robin style query by default.
It's also worth noting, your config mixes two DNS providers with different use cases. Your Google DNS and CloudFlare DNS will do DNSSEC/DoT, but no filtering. Your Quad9 will do DNSSEC/DoT, and malware filtering. Due to the way Unbound will randomly query either one, you may get inconsistent results back to your clients. It's very likely that google may recommend one CDN location, while Quad9 may provide results for another. You'd be better off picking one of those two services only. Which one is another discussion entirely but, Quad9 has a much better stance on user privacy so I know which one I'd go with.
yes it is possible, check "forwarder" in ubound general settings
DNS Query Forwarding [check] Enable Forwarding Mode
in system->settings->general
DNS server options [uncheck] Allow DNS server list to be overridden by DHCP/PPP on WAN
in DNS servers (same page)
for each WAN you have, select different DNS servers
server:
tls-cert-bundle: "/etc/ssl/cert.pem"
forward-zone:
name: "."
forward-ssl-upstream: yes
forward-addr: 1.1.1.1@853#one.one.one.one
forward-addr: 1.0.0.1@853#1dot1dot1dot1.cloudflare-dns.com
forward-addr: 2606:4700:4700::1111@853#one.one.one.one
forward-addr: 2606:4700:4700::1001@853#1dot1dot1dot1.cloudflare-dns.com
forward-addr: 9.9.9.9@853#dns9.quad9.net
forward-addr: 149.112.112.112@853#rpz-public-resolver1.rrdns.pch.net
forward-addr: 2620:fe::fe@853#dns.quad9.net
forward-addr: 2620:fe::fe:9@853#dns9.quad9.net
