"
I have Opnsense and AdGuard Home (AGH) set up as a plugin on the same machine. Currently, I'm redirecting DNS queries from Opnsense Unbound to AGH over TLS. However, this setup doesn't provide full query transparency from the device to the query.
I'm considering some alternatives:
1. Forwarding the query without TLS.
2. Setting up AGH as the main DNS server and Unbound as a downstream server.
3. Leave it as is
Which setup is more correct or idiomatic in terms of capabilities and network architecture?
I'm considering some alternatives:
1. Forwarding the query without TLS.
2. Setting up AGH as the main DNS server and Unbound as a downstream server.
3. Leave it as is
Which setup is more correct or idiomatic in terms of capabilities and network architecture?
