General Discussion / Trying to use NextDNS for Unbound but lose connection.
« on: September 03, 2020, 01:29:40 pm »
Hi all
I am new to OPNsense and Unbound. I want to use NextDNS for DNS over TLS.
The below config is what is on the NextDNS website.
Use the following in unbound.conf:
Code:
forward-zone:
    name: "."
    forward-tls-upstream: yes
    forward-addr: 45.90.28.0#e78da1.dns1.nextdns.io
    forward-addr: 2a07:a8c0::#e78da1.dns1.nextdns.io
    forward-addr: 45.90.30.0#e78da1.dns2.nextdns.io
    forward-addr: 2a07:a8c1::#e78da1.dns2.nextdns.io
But after I enter that in Unbound's Custom options box and click save and apply, I lose my DNS connection (I can't even go to google.com).
Here is the log:
Code:
2020-09-03T12:13:49 unbound[2080] [2080:2] info: 192.168.1.141 zb7dq19nvmq-e78da1.test.nextdns.io. A IN
2020-09-03T12:13:49 unbound[2080] [2080:3] info: 192.168.1.141 zb7dq19nvmq-e78da1.test.nextdns.io. A IN
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: ssl handshake failed 45.90.28.0 port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: ssl handshake failed 45.90.30.0 port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: ssl handshake failed 45.90.28.0 port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: ssl handshake failed 45.90.30.0 port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: ssl handshake failed 45.90.28.0 port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: ssl handshake failed 45.90.30.0 port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: for addr 2a07:a8c0:: port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: no TCP outgoing interfaces of family
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: for addr 2a07:a8c0:: port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: no TCP outgoing interfaces of family
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: for addr 2a07:a8c1:: port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: no TCP outgoing interfaces of family
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: for addr 2a07:a8c1:: port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: no TCP outgoing interfaces of family
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: for addr 2a07:a8c1:: port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: no TCP outgoing interfaces of family
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: for addr 2a07:a8c1:: port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: no TCP outgoing interfaces of family
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: ssl handshake failed 45.90.30.0 port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: ssl handshake failed 45.90.30.0 port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: for addr 2a07:a8c1:: port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: no TCP outgoing interfaces of family
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: for addr 2a07:a8c0:: port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: no TCP outgoing interfaces of family
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: ssl handshake failed 45.90.28.0 port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: for addr 2a07:a8c0:: port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: no TCP outgoing interfaces of family
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: for addr 2a07:a8c0:: port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: no TCP outgoing interfaces of family
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: ssl handshake failed 45.90.28.0 port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
2020-09-03T12:13:49 unbound[2080] [2080:3] info: 192.168.1.141 zb7dq19nvmq-e78da1.test.nextdns.io. A IN
2020-09-03T12:13:49 unbound[2080] [2080:0] info: start of service (unbound 1.11.0).
But if I put in the following, it works fine.
Code:
server:
forward-zone:
    name: "."
    forward-ssl-upstream: yes
    forward-addr: 9.9.9.9@853 #Quad9 ip4
    forward-addr: 149.112.112.112@853 #Quad9 ip4
    forward-addr: 2620:fe::fe@853 #Quad9 ip6
    forward-addr: 1.1.1.1@853 #Cloudflare ip4
    forward-addr: 1.0.0.1@853 #Cloudflare ip4
    forward-addr: 2606:4700:4700::1111@853 #Cloudflare ip6
    forward-addr: 2606:4700:4700::1001@853 #Cloudflare ip6
Can anyone please help me? I really want to use NextDNS because of a lot of the features they have on their WebUI.
Many thanks
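
An added example, not part of the original post: a small Python triage of a log in the format pasted above, pairing each notice line with the error line that follows it and tallying failures per upstream address. It separates the two failure modes present in the log (certificate verification on the IPv4 upstreams, no outgoing interface for the IPv6 ones); the sample lines are constructed in the pasted format and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample lines, in the same format as the log pasted in the post.
SAMPLE_LOG = """\
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: ssl handshake failed 45.90.28.0 port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: for addr 2a07:a8c0:: port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: no TCP outgoing interfaces of family
2020-09-03T12:13:49 unbound[2080] [2080:3] notice: ssl handshake failed 45.90.30.0 port 853
2020-09-03T12:13:49 unbound[2080] [2080:3] error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
2020-09-03T12:13:49 unbound[2080] [2080:0] info: start of service (unbound 1.11.0).
"""

# timestamp, "unbound[pid]", "[pid:thread]", level, message
LINE = re.compile(r"^\S+ unbound\[\d+\] \[\d+:\d+\] (\w+): (.*)$")
# The notice line names the upstream the neighbouring error refers to.
UPSTREAM = re.compile(r"(?:ssl handshake failed|for addr) (\S+) port (\d+)$")

def classify(error_text):
    """Map an unbound error message to a short failure class."""
    if "certificate verify failed" in error_text:
        return "tls-cert-verify-failed"
    if "no TCP outgoing interfaces of family" in error_text:
        return "no-outgoing-interface-for-family"
    return "other"

def summarize(log_text):
    """Count (upstream address, failure class) pairs in the log."""
    counts = Counter()
    pending = None  # upstream taken from the most recent notice line
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        level, msg = m.groups()
        if level == "notice":
            u = UPSTREAM.search(msg)
            pending = u.group(1) if u else None
        elif level == "error" and pending:
            counts[(pending, classify(msg))] += 1
            pending = None
        else:
            pending = None
    return counts

if __name__ == "__main__":
    for (addr, cause), n in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{addr:<16} {cause:<34} x{n}")
```

In Unbound, the `#name` suffix on a `forward-addr` is the TLS authentication name checked against the server certificate; when it is left out, any name is accepted.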