Author Topic: Unbound - DNS over TLS (Read 3030 times)

spetrillo · « **on:** May 17, 2020, 01:58:00 am »

Hello all,

I am wanting to run DNS over TLS via Unbound. I have installed the Unbound addtl plugin to provide this capability. I have setup Unbound custom options section to look as follows:

server:
private-domain: "plex.direct"

server:
forward-zone:
name: "."
forward-ssl-upstream: yes
forward-addr: 1.1.1.1@853
forward-addr: 1.0.0.1@853

Am I good?

Steve

Mks · « **Reply #1 on:** May 17, 2020, 09:38:22 am »

Hi,

I always recommend to validate the server certificate, see

https://forum.opnsense.org/index.php?topic=16268.msg74664#msg74664

br

mimugmail · « **Reply #2 on:** May 17, 2020, 10:15:24 am »

Validation will come in next version

Mks · « **Reply #3 on:** May 17, 2020, 01:38:46 pm »

Great to read

spetrillo · « **Reply #4 on:** May 18, 2020, 08:09:27 pm »

Well I noticed something under Unbound, in the Misc section. The first attachment shows a section called DNS over TLS Servers. Should I be specifying them here rather than in the Custom Options under General? Should I have them in both places?

mimugmail · « **Reply #5 on:** May 19, 2020, 03:47:25 pm »

With your setup you could use the new field. I'll add a grid view for 20.1.8 so you can add them line by line with certificate checks (which you dont use currently)

spetrillo · « **Reply #6 on:** May 19, 2020, 03:51:50 pm »

Thanks for the assist here.

Author Topic: Unbound - DNS over TLS (Read 3030 times)

spetrillo

Unbound - DNS over TLS

Mks

Re: Unbound - DNS over TLS

mimugmail

Re: Unbound - DNS over TLS

Mks

Re: Unbound - DNS over TLS

spetrillo

Re: Unbound - DNS over TLS

mimugmail

Re: Unbound - DNS over TLS

spetrillo

Re: Unbound - DNS over TLS